How To: iDevice Jailbroken = Your New PenTesting Tool.

A very useful post! Keep this up!

uhm, what do you think of installing kali or such an OS to an iDevice? is it possible nowadays or not yet up? Thanks

Obviously, before going to install everything one by one with Cydia (that, let's say, is a bit annoying, and some of the tools aren't very well ported, plus the bad Wifi scan abilities of iDevices), I thought about directly installing Kali there. But sadly, I couldn't find anything. Which made me disappointed, because you can on Android (spoiler, shh...).

That's mainly because you can't (IMO, and according to what I know, blame me if I'm wrong), you can't install ISOs on iPhone.

But I'd say that's just "not yet up". Who knows, just looking at where we got with these, it wouldn't surprise me if tomorrow, 31 august, we could (again, maybe I'm just dreaming, hands forward: I've not such experience).

EDIT: It's now possible to install LInux on older devices than iPhone 4, but I don't know what limitations Kali might have.

And now that you let me think about it, you could always manage a remote Desktop form your iDevices (see TeamViewer and Remote Desktop), with the only limit of not using the WiFi connection of the device, but the Remote Desktop one's. If this could do, it's not even hard to do.

Just pointing this out that this post is on facebook with minor differences TBH
S_R

That stupid social network don't let me create a fame account, so I'll just leave it there, I'm proud of having my first clones. It means my posts are worth being copied.

Anyway, much thanks for the report!

Also another thing the Facebook post was in september of 2011 and this post was 6 months ago......
S_R

I'm sorry that can't be. Make dure everything is all right. This is my content.
Facebook doesn't keep so old content. There was no iOS 7 or 8 in 2011.

It says 1 september 2014 here it is. Mistyped?

The date reports the latest edit I've made, always, not the publish date. I published this post in August 2014. In fact comments date back to 10 months ago.

Don't move accuses if you are not sure. Check it again, you sure made some mistake ;-) no problem.

Anyways, thanks for your time!
Peyce!

nice :-)

Hi
I managed to get this working, but i cant get airodump and aireplay commands at all.... All i need is the
Aireplay-ng --deauth....

Can you please help me on deauth the near network through the mobile terminal? Which other tool can do the same deauth if airodum and aireplay can be installed?

Thank You!

Just wanted to let you know I heard you and
I'm workin on it!
EDIT: iPhone's Aircrack-ng doesn't support monitor mode due to iPhone limitations. Official description:

"Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools. Unfortunately, due to the iPhones limitations, only the cracking part will work.

In fact, Aircrack-ng is a set of tools for auditing wireless networks."

In 4 hours I'll be looking for alternatives.

As far as I found, since iPhone can't change to monitor mode, it is impossible.
And even if there was a way, iNinjas had to port aicrack's other features yet.
I'm very sorry, but I'll continue to search for alternatives.

It's an iPhone, if you have one you should know how many limitations it has. You are asking for a computer...(or Android, which I'll be soon moving to...)

Thanks for fast answer. Well unfortunately i have an iphone and wont switch to android, but certianly i will get some android for this purpose only.

In case you find anything just to deauth clients on a scanned network pls post it here. Thanks again

Just to clarify: I was not in any way trying to induce you to buy Android, obviously, I just wanted to point out that they are capable of doing it.

I'll keep looking for it, as I'm interested also.

Ofcourse, dont worry aboit that at all :)
Thx a lot again

Btwwhy i am getting ILLEGAL INSTRUCTIONS: 4 When i try to run ettercap and other tools aswell :(

For the same reason mentioned before, you won't be able to run ettercap (however I think that error is not related to this), but I can help you with other tools. Can you provide me an example, like what you've done step by step?

Oh i see. I havent read the part where ettercap couldnt made it work. So its all good, when inget again to the same error message i will write the otput and post it here. Thanks again friend.

wow, can you do the same thing with a terminal on android?

Yep, even better, give me some days ;)

Done, the guide is out ;)

I saw! :) I was impressed it got out so fast! Thanks for the effort :)

On android you can use NetHunter

Only for Nexus devices and One.

Hey I can't find the guide plz help

Brice, what guide?

If I try to run the ./msfconsole command I'm getting an Illigal instruction :4 error... How can I fix this?

Working on it. Looks like a compatibility problem. Can you share your iDevice and iOS? Other people are having this problem and I'd like to understand how to solve it.

Someone solved it by following this: ruby illegal instruction 4 metasploit error fix: http://youtu.be/l5-RJYrlLNo.
Please, try this and report the results; thanks.

Would somebody please explain how I use the nmap GUI? It keeps sayin the DNS has an error. Also, why does mobile terminal say 'illegal instruction:4' when I try to run metasploit?' Thanks!

This guide is reporting errors with some new devices, the illegal instruction 4 is frequent, I'm looking for solutions. Can you post your OS and device model?

What DNS error?

Thanks for the prompt reply. I'm on IOS 8.1.2, iPhone 5s. Could you please explain how to use mobile terminal, I have no idea. It seems like.msfconsole/ is wrong, and it should be mafconsole. Also, could you please explain how I use the nmap gui? Thanks

Other people are in your same condition. Still have to figure out what causes the problem, os or device.

The nmap GUI should just work out of the box. You write the target in the textbox and run the scan. Eventually, you can check some options, if you need it. Sometimes the DNS error is just a fake red flag, it should work anyway, just wait a few minutes at most. If it doesn't work, report.

I'm using an iPad (ipad 2 ) with version 8.1.1 , does it work with my device ?
and one more thing did you get Set tool kit to work?
Best Regards ! :)

I still have to figure out which between OS and device causes the problem. Maybe you can try it and then report? These tools are slowly becoming unefficient and obsolete, this is why I recommend to use an android device which handles these kind of things very good (if you really need it).

So, please, try and follow this guide, then report your results, while I'm going to make a deeper research about this issue.

I have an android ... lol :P
but I'm afraid it becomes super slow and overheat over time

or do you recommend to install kali on android i mean wont it becomes slow by time because i use my phone often i preferred to use kali tools on iPad

I'm obviously not trying to convince you anyway, but the way you install Kali on android is not that power draining. It's like a very light virtual machine (chroot environment) that you can start and stop whenever you want. If you need more informations, check this out. Since Android is based on Linux kernel (as far as I know), it's a lot easier to port tools there, while it still is natively more customizable than iOS. I use Kali environment and infosec tools on my device every day (actually not, I still prefer using computers, you'll soon realize that tools on your phone are useless), and so far no battery draining neither slowing down. Make sure you have enough free space (or a convenient external SD card) and try to reduce RAM usage if you feel that Kali is too slow (try and change your launcher for example).

However, it would be interesting if you first tried on your iPad and told me the results.

Again: do whatever you want, I'm only talking about my experiences with this for future reference and other readers who might be interested.

Yeah Man , thank you very much for the valuable info

I know that you're not trying to convience me , but by the way i was thinking of deploying kali on android and since you mentioned that it's like a light virtual machine i would consider deploying it on android

I used kali on pc too it's awesome but not anymore i don't want to continue using it until i upgrade my custom pc with more rams cause i had 4gb

You are welcome. Let me know your progresses if you can.

Alright

Hey CIUFFY

I'm trying to install kali linux on android using linux deploy and i have vnc viewer installed also but im getting an error

begin : install
Checking mount points ... fail
Press STOP and repeat attempt
I don't know what is the problem so any help would be appreciated
the solution might be silly that im so stupid to figure it out or a little more difficult for me to sort it out
What i think is to do with the installation path but i tried it alot
i tried also changing it to the internal memory ( /storage/emulated/0/linux.img ) but i prefer to install it on sd card
Please Help ASAP!!
Thanks in Advance

btw im reading your article now hope it helps and i'll tell you what happens

https://null-byte.wonderhowto.com/how-to/rooted-android-your-new-pentesting-tool-0159093/

Try the guide and then post your results there, and I will try to help you.

Thanks man you're awesome !! that article saved my issue You're the best !!

thanks no worries im installing kali based on what you explained and that solved the issue ;)

Glad my work could help. You are welcome.

Hello , thanks

i have a question i finished installing kali distribution from start GNU/Linux installation using linux deploy and then moved on and reconfigure after that and as you suggested i installed JuiceSSH and applied the info that you said about , made a new connection with a random nickname 127.0.0.1 port :22 as it is

type is SSH
but im getting an error
Connection Failed
failed to connect to /127.0.0.1 (port 22 ) : connect failed ECONNREFUSED(Connection refused)
i think im getting the same error in VNC Viewer which i have it also installed

And i have only 5.49 free space on sd card is that a problem ?

Are you sure the installation went fine? What does the output look like when you press start in Linux Deploy? Please continue the discussion under the appropriate article, so that other people can solve the issue too.

HI, I am getting a illegal instruction 4 error when trying to run metasplot on the mobile terminal. Any help?

We currently have no solution for that problem, sorry! Other people have been reporting that and I'm working on it.

Hello
my cydia add repo, no tool in there! how can I repo?
ininjas.com/repo

Try with a final slash at the end. Long time I haven't tried, but I remember I had a similar issue.

ininjas repo doesn't work. Does anybody has a mirror or something?

how cai i crack wifi passwod with my apple jailbreak iphone.if there is possible plz suggest to me.

pathik you can try aircrack-ng, once download it worked perfectly for me (depending on what security that wifi has) in the command line you can download from bigboss..

I´ve followed the Instruction step by step, but now I cant find "/var/root/pentest/exploits/framework(3)./msfconsole".
I get an Error that says "No such file or directory."

Can anyone help?

There are too many errors when I use ettercap on an ipod touch4.Libpcap doesn't work well on my ipod...Any ideas ?

I am having this issue when I am trying to add the repo .
And nothing appears in the repo .
ininjas.com/repo