lamda
by firerpa
Overview
AI-powered Android automation framework for mobile data and task automation.
Installation
docker run -d --name firerpa --privileged -v ~/firerpa:/user -e LICENSE= -e DOMAIN=firerpa.local -e WEB_PORT=8000 -e API_PORT=65000 -p 8000:8000 -p 65000:65000 --restart always registry.device-farm.com/firerpa/server:latestEnvironment Variables
- CERTIFICATE
- PORT
- LICENSE
- DOMAIN
- WEB_PORT
- API_PORT
- PROXYPORT
- LANIP
Security Notes
CRITICAL: The `tools/scp.sh`, `tools/ssh.sh`, and `tools/rsync.sh` scripts hardcode a universal RSA private key. This means anyone with access to the source code can impersonate clients configured to use this default key, leading to complete compromise. Additionally, these scripts disable SSH host key checking (`-o StrictHostKeyChecking=no`), making connections vulnerable to Man-in-the-Middle attacks. The system requires root access, which amplifies the impact of any security flaw. The `startmitm.py` script facilitates MITM attacks by installing a CA certificate, and `DNS2SOCKS.c` enables DNS tunneling, which, while functional, poses significant risks if misused. The default proxy credentials are randomly generated, which is good, but the core vulnerability of the hardcoded SSH key remains.
Similar Servers
jadx-ai-mcp
Integrates an LLM with JADX decompiler to analyze Android APKs, uncover vulnerabilities, and assist in reverse engineering through a Model Context Protocol (MCP) server.
adbfriend
Enables AI agents to manage Android devices, sync files, configure for tests, and perform package operations via ADB for development and testing.
rulego-server
A lightweight, high-performance, and modular automation workflow platform for orchestration, iPaaS, API/AI orchestration, data processing, and IoT rule engine scenarios.
pentestMCP
This MCP server enables AI agents to perform automated and interactive penetration testing tasks by exposing a suite of security assessment utilities as callable tools.