Blog
Aug 7, 2010
Metasploit 3.4 and SET 0.6.1 on iPhone 4
Installing metasploit and social engineering toolkit SET on iPhone 4
3 min read
Metasploit 3.4.2 on the iPhone 4
Just a quick update on getting your favorite tools on iOS 4 – Metasploit and SET. You need to have a Jailbroken iPhone with SSH access for this. You will also need to install nano and APT 0.7 Strict via Cydia. Getting everything up and running is a breeze now. Open a console and type in:
[cc lang=”bash”]
cd /private/var/
apt-get install subversion nano ruby rubygems wget python
apt-get clean
wget http://www.metasploit.com/releases/framework-3.4.1.tar.bz2
tar jxpf framework-3.4.1.tar.bz2
cd msf3
svn update
[/cc]
Remember that everything takes a bit more time on the iPhone, be patient while running msfconsole for the first time. Once that’s done, its a quick path to a shell:
Social Engineering Toolkit (SET) 0.6.1
Also a breeze to install:
[cc lang=”bash”]
cd /private/var/
svn co http://svn.thepentest.com/social_engineering_toolkit/ SET/
cd SET/
./set # (Agree to install the pexpect and beautiful soup python modules).
[/cc]
Edit your set config file found at config/set_config and change the msf path to /private/var/msf3 (or relevant path). We ran the Website Cloner with a Malicious Java Applet :
And were immediately greeted by a meterpreter shell:
UPDATE: A few days after this post was made, the Cydia repos got an updated ruby 1.9 package, which breaks metasploit completely.
[cc lang=”bash”]
muts:/private/var/msf3 root# ./msfconsole
ruby(528,0x3e7c27c8) malloc: *** error for object 0x316eff0: pointer being freed was not allocated
*** set a breakpoint in malloc_error_break to debug
Abort trap
[/cc]
To resolve this, uninstall ruby 1.9, and rubygems, and install the older packages (ruby_1.8.6-p111-5_iphoneos-arm.deb and rubygems_1.2.0-3_iphoneos-arm.deb) manually with dpkg.
Cybersecurity leader resources
Sign up for the Secure Leader and get the latest info on industry trends, resources and best practices for security leaders every other week
Latest from OffSec
OffSec News
OffSec Yearly Recap 2024
Join us as we explore all our successes in 2024, including exciting new content, courses, and so much more!
Dec 23, 2024
8 min read
Enterprise Security
Red Team vs Blue Team in Cybersecurity
Learn what a red team and blue team in cybersecurity are, pros and cons of both, as well as how they work together.
Dec 13, 2024
13 min read
Enterprise Security
Building a Future-Ready Cybersecurity Workforce: The OffSec Approach to Talent Development
Learn all about our recent webinar “Building a Future-Ready Cyber Workforce: The OffSec Approach to Talent Development”.
Dec 13, 2024
4 min read