Become a Partner
Add OffSec to your list of training providers
Partner with usBlog
Aug 7, 2010
Installing metasploit and social engineering toolkit SET on iPhone 4
3 min read
Just a quick update on getting your favorite tools on iOS 4 – Metasploit and SET. You need to have a Jailbroken iPhone with SSH access for this. You will also need to install nano and APT 0.7 Strict via Cydia. Getting everything up and running is a breeze now. Open a console and type in:
[cc lang=”bash”]
cd /private/var/
apt-get install subversion nano ruby rubygems wget python
apt-get clean
wget http://www.metasploit.com/releases/framework-3.4.1.tar.bz2
tar jxpf framework-3.4.1.tar.bz2
cd msf3
svn update
[/cc]
Remember that everything takes a bit more time on the iPhone, be patient while running msfconsole for the first time. Once that’s done, its a quick path to a shell:
Also a breeze to install:
[cc lang=”bash”]
cd /private/var/
svn co http://svn.thepentest.com/social_engineering_toolkit/ SET/
cd SET/
./set # (Agree to install the pexpect and beautiful soup python modules).
[/cc]
Edit your set config file found at config/set_config and change the msf path to /private/var/msf3 (or relevant path). We ran the Website Cloner with a Malicious Java Applet :
And were immediately greeted by a meterpreter shell:
UPDATE: A few days after this post was made, the Cydia repos got an updated ruby 1.9 package, which breaks metasploit completely.
[cc lang=”bash”]
muts:/private/var/msf3 root# ./msfconsole
ruby(528,0x3e7c27c8) malloc: *** error for object 0x316eff0: pointer being freed was not allocated
*** set a breakpoint in malloc_error_break to debug
Abort trap
[/cc]
To resolve this, uninstall ruby 1.9, and rubygems, and install the older packages (ruby_1.8.6-p111-5_iphoneos-arm.deb and rubygems_1.2.0-3_iphoneos-arm.deb) manually with dpkg.
Sign up for the Secure Leader and get the latest info on industry trends, resources and best practices for security leaders every other week
Enterprise Security
The Fortinet 2024 Skills Gap report shines a light on critical issues that plague the cybersecurity industry. Here are our main takeaways.
Sep 6, 2024
6 min read
Insights
The OffSec team was at the Black Hat USA 2024 conference and we are excited to share our top 5 favorite talks.
Sep 6, 2024
5 min read
We’re sharing all of the important information related to the OSCP+ so you can know what this means for past, current and future learners.
Sep 4, 2024
2 min read