Iphone as a pentesting device

20140314-114513.jpg

Tested on the iPhone 4S running IOS 7 jailbroken by using evasion7

I wanted to talk about using a iDevice (ios 7)as a pen testing device . But first, why should I do that?

Well, first off ,
Its portable
Not noticeable
it looks cool
its pretty fast
IOS == Unix
It can easily be used with the pineapple
Let’s move on , so how do you make your iDevice into a pentesting device ?
First you need jailbreak your iDevice (eg ; Evasion7)

Open Cydia
Adding repositories by going to “Manage” and then “Sources” and then “edit” and then “add”
Then add all these repositories :: http://cydia.myrepospace.com/Boo/ http://ininjas.com/repo/ http://cydia.xsellize.com/
When that’s done . click on “http://ininjas.com/repo/” and scroll down until you see “Metasploit” then click on “Metasploit” and then click on “edit” and then click on “Install”
When that’s done go back and scroll until you see “Aircrack-ng” and the click on it and install just like previous when thats done install Auto Reconnect , Mobile terminal ,beEF, CUPP, Dsniff Suite , dsniff-fr0g , Ettercap-ng GTk , Ettercap No GTK , Evil Grade ,iAHT, iPwN ,John the Ripper, Low Orbit Ion Cannon , NBTScan, Nikto2, Nmap , Pirni ,Ruby 1.8.6 , Searchsploit , SSLstrip , Wordlists , XSSer , xterm , IWep , SET (not the one thats called Social Engineering Toolkit but the one thats called SET!!) , OpenSSH ! , iSSH
I know that are alot of tools and it will take you some time but when its done you have an awesome pentesting device !
When you Installed all those Tools open Mobile terminal or xterm and type “su” and fill in your password “standard password is :: alpine ”
then type cd /pentest and there are all your tools .
Make sure you go to /pentest/exploits/SET/config and open the set_config and change the metasploit path to the path where metasploit is installed.

20140314-114238.jpg

About dlosada85


One response to “Iphone as a pentesting device

  • Abdul nabi

    A very nice guide.
    I am having a problem while adding ininjas repo it gives me ssl -9806 error
    Please help me.
    Thank you

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: