Metasploit 3.4 and SET 0.6.1 on iPhone 4

Metasploit 3.4 and SET 0.6.1 on iPhone 4

Metasploit 3.4.2 on the iPhone 4

Just a quick update on getting your favorite tools on iOS 4 – Metasploit and SET. You need to have a Jailbroken iPhone with SSH access for this. You will also need to install nano and APT 0.7 Strict via Cydia. Getting everything up and running is a breeze now. Open a console and type in:

cd /private/var/
apt-get install subversion nano ruby rubygems wget python
apt-get clean
wget http://www.metasploit.com/releases/framework-3.4.1.tar.bz2
tar jxpf framework-3.4.1.tar.bz2
cd msf3
svn update

Remember that everything takes a bit more time on the iPhone, be patient while running msfconsole for the first time. Once that’s done, its a quick path to a shell:

Social Engineering Toolkit (SET) 0.6.1

Also a breeze to install:

cd /private/var/
svn co http://svn.thepentest.com/social_engineering_toolkit/ SET/
cd SET/
./set # (Agree to install the pexpect and beautiful soup python modules).

Edit your set config file found at config/set_config and change the msf path to /private/var/msf3 (or relevant path). We ran the Website Cloner with a Malicious Java Applet :

And were immediately greeted by a meterpreter shell:

UPDATE: A few days after this post was made, the Cydia repos got an updated ruby 1.9 package, which breaks metasploit completely.

muts:/private/var/msf3 root# ./msfconsole
ruby(528,0x3e7c27c8) malloc: *** error for object 0x316eff0: pointer being freed was not allocated
*** set a breakpoint in malloc_error_break to debug
Abort trap

To resolve this, uninstall ruby 1.9, and rubygems, and install the older packages (ruby_1.8.6-p111-5_iphoneos-arm.deb and rubygems_1.2.0-3_iphoneos-arm.deb) manually with dpkg.

Menu
X Close

 

Certified Pentesting
Professional

OSCP
course starting at
$800 USD

Take Penetration Testing with Kali Linux to gain invaluable penetration testing skills and earn your OSCP.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSCP

Certified Pentesting
Expert

OSCE
course starting at
$1200 USD

Take Cracking the Perimeter to take your penetration testing skills to expert levels and earn your OSCE.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSCE

 

Certified Pentesting
Web Expert

OSWE
course starting at
$1400 USD

Take Advanced Web Attacks and Exploitation, to deep dive into web apps to earn your OSWE.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSWE

Certified Pentesting
Wireless Professional

OSWP
course starting at
$450 USD

Take Offensive Security Wireless Attacks to acquire knowledge about Wi-Fi attacks and earn your OSWP.

  • Self-paced, online course
  • Includes certification exam fee
  • Access innovative virtual labs
  • Hands-on experience
  • Become an OSWP

Certified Exploitation
Expert

OSEE
course starting at
See
Live Schedule

Take Advanced Windows Exploitation to develop exploits for Windows systems and earn your OSEE.

  • Live training course
  • Includes certification exam fee
  • Maximum instructor interaction
  • Highly challenging
  • Become an OSEE