Test app sourcecode using ngtf
200 views
Skip to first unread message
mk...@bu.edu
Feb 27, 2015, 2:39:13 PM2/27/15
to nogot...@googlegroups.com
I've sourcecode for an android app. Can I use ngtf to test the app using the source code?
If so, how ?
yzn...@gmail.com
Feb 28, 2015, 7:22:36 AM2/28/15
to nogot...@googlegroups.com
Hi mk - you can't test mobile app source code for security issues using nogotofail. You can test your compiled mobile application code after its installed on an Android device (as an apk) and when the device is "on path" with ngtf.
Amandroid is a recently developed tool that performs static code analysis (of source code) to identify security issues.
http://amandroid.sireum.org/index.html
I haven't used it but it sounds interesting.
Amandroid is a recently developed tool that performs static code analysis (of source code) to identify security issues.
http://amandroid.sireum.org/index.html
I haven't used it but it sounds interesting.
mk...@bu.edu
Feb 28, 2015, 4:27:39 PM2/28/15
to nogot...@googlegroups.com, yzn...@gmail.com
I installed app onto my device. I'm not sure how to set up the app "on path" with ngtf. Can you give me some pointers on that?
yzn...@gmail.com
Feb 28, 2015, 7:40:32 PM2/28/15
to nogot...@googlegroups.com
Hi mk - to get your Android device "on path" with ngtf you will need a Linux machine acting as a proxy and running the nogotofail.mitm service.
There is a couple of ways I know of doing this:
1. VM proxy
Using something like virtualbox or vmware player you can use a virtual machine proxy with 2 network interfaces. U could build one from scratch or use a pre-built one like ubufuzz:
http://www.cert.org/blogs/certcc/post.cfm?EntryID=203
I configured the wireless interface as an access point, which means the interface must support "monitor" mode.
If your PC's wireless card doesn't support "monitor" mode you'll need to use an external adapter. I use a Tp-link tl-wn823n which is low power and works great.
This VM has iptables redirect rules to redirect traffic on standard http/https ports (80/443). I found I had to remove these for ngtf theory mode.
I'll post a link for setting up the proxy machine on a physical device abit later.
There is a couple of ways I know of doing this:
1. VM proxy
Using something like virtualbox or vmware player you can use a virtual machine proxy with 2 network interfaces. U could build one from scratch or use a pre-built one like ubufuzz:
http://www.cert.org/blogs/certcc/post.cfm?EntryID=203
I configured the wireless interface as an access point, which means the interface must support "monitor" mode.
If your PC's wireless card doesn't support "monitor" mode you'll need to use an external adapter. I use a Tp-link tl-wn823n which is low power and works great.
This VM has iptables redirect rules to redirect traffic on standard http/https ports (80/443). I found I had to remove these for ngtf theory mode.
I'll post a link for setting up the proxy machine on a physical device abit later.
yzn...@gmail.com
Mar 1, 2015, 2:07:41 AM3/1/15
to nogot...@googlegroups.com
2. Physical Proxy Machine
Again you'll need 2 network adapters. I used a raspberry pi (model b+) as a proxy device and it worked very well. Below is some links to setting up a raspberry pi as a proxy using raspbian, although the steps should be almost the same for other devices running debian based OS's (e.g. Ubuntu).
These tutorials use the wireless adapter (wlan0) in "monitor" mode as an access point and a wired interface (eth0) connected to a router/internet connection. These instructions are for setting up mitmproxy (a great ssl proxy tool) but are very close to what's needed for ngtf.
Again, you'll probably have to remove the iptables redirect rules for Ports 80 and 443 when using ngtf in tproxy mode.
http://andrewmichaelsmith.com/2013/08/raspberry-pi-wi-fi-honeypot/
http://jeffq.com/blog/setting-up-a-man-in-the-middle-device-with-raspberry-pi-part-1/
I personally prefer using a physical device as a proxy. I've had reliability problems with virtual machines, in my experience they don't behave as consistently when communicating with network adapters.
I hope this helps.
Again you'll need 2 network adapters. I used a raspberry pi (model b+) as a proxy device and it worked very well. Below is some links to setting up a raspberry pi as a proxy using raspbian, although the steps should be almost the same for other devices running debian based OS's (e.g. Ubuntu).
These tutorials use the wireless adapter (wlan0) in "monitor" mode as an access point and a wired interface (eth0) connected to a router/internet connection. These instructions are for setting up mitmproxy (a great ssl proxy tool) but are very close to what's needed for ngtf.
Again, you'll probably have to remove the iptables redirect rules for Ports 80 and 443 when using ngtf in tproxy mode.
http://andrewmichaelsmith.com/2013/08/raspberry-pi-wi-fi-honeypot/
http://jeffq.com/blog/setting-up-a-man-in-the-middle-device-with-raspberry-pi-part-1/
I personally prefer using a physical device as a proxy. I've had reliability problems with virtual machines, in my experience they don't behave as consistently when communicating with network adapters.
I hope this helps.
Chad Brubaker
Mar 1, 2015, 4:23:51 PM3/1/15
to Michael Kennedy, nogot...@googlegroups.com
The recommended route is to use our provided docs for setting up a VPN VM in GCE in https://github.com/google/nogotofail/blob/dev/docs/gce/readme.md
Setting up a MiTM on a Linux box is non-trivial and if using wifi very hardware dependent and unless you know how set up Linux routing I'd recommend using our provided scripts and setting up a VPN.
--
You received this message because you are subscribed to the Google Groups "nogotofail" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nogotofail+...@googlegroups.com.
To post to this group, send email to nogot...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/nogotofail/ad9d8bf1-1607-4911-bd90-56b2b332753d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
yzn...@gmail.com
Mar 1, 2015, 7:37:30 PM3/1/15
to nogot...@googlegroups.com
+1 for your comments about setting up Wi-Fi and routing on Linux Chad.
I spent about 6 weeks experimenting with different Wi-Fi adapters, drivers and routing configurations before I ironed all the bugs out. A hosted gce sounds way less hassle.
I spent about 6 weeks experimenting with different Wi-Fi adapters, drivers and routing configurations before I ironed all the bugs out. A hosted gce sounds way less hassle.
mk...@bu.edu
Mar 1, 2015, 9:13:57 PM3/1/15
to nogot...@googlegroups.com, yzn...@gmail.com
I've setup VM instances with GCE as said. I've some doubts about "setting up clients to be MiTM". I installed the Openvpn , but not sure about establishing the connection.
mk...@bu.edu
Mar 2, 2015, 10:47:46 AM3/2/15
to nogot...@googlegroups.com, yzn...@gmail.com
I'm done with the setup. How do I test an android app using this and ngtf?
On Sunday, March 1, 2015 at 4:23:51 PM UTC-5, Chad Brubaker wrote:
Mahmoud Mohammed
Dec 10, 2021, 1:04:08 PM12/10/21
to nogotofail
Reply all
Reply to author
Forward
0 new messages