Make iPhone a penetration testing tool

[Nicholas Petty] has posted a guide to setting up your iPhone as a penetration tester. You already carry it around with you and, although not too beefy, it does have the hardware you need to get the job done. So if you’re not interested in building a drone or carrying around a boxy access point try this out. The first step is to jailbreak your device and setup OpenSSH so that you can tunnel in for the rest of the setup. From there the rest of the setup is just acquiring build tools and compiling pentesting programs like Aircrack-ng, Ettercap, Nikto2, and the Social Engineering Toolkit. You’ll be up to no good testing your wireless security in no time.


  1. giovannizero says:

    Very cool, I’d like to see a similar guide for android.

  2. Word says:

    Why post this now? This article is several years late, this was all possible with iPhone version 1.

  3. AK says:

    the title of the post is full of all kinds of wrong

  4. neorazz says:

    alright now how do i do the same thing on a droid ?

  5. ziplock says:

    This is OLD news, and also misleading. The iPhone will NOT be capable of packet injection, which is a major part of aircrack-ng.

  6. Tiao says:

    Wow, is that serious i can install All this “iPhone only” apps, to make a pentest tool? ¬¬

  7. mowcius says:

    AK, yes, it’s too late in the day :p

  8. kevin says:

    On a side note, why does every guide everywhere says use SSH when “iphone browser” does the same with with a GUI? I’m not related to them, I just like it way better than SSHing all the custom themes and stuff I make.

  9. Nick says:

    I know that this has all been done before, but I wrote this because of the lack of actual documentation of it.

  10. osgeld says:

    he said penetration and tool

  11. LazyMegaMan says:

    Came here to say “Ok, NOW I’ll get an iPhone.”

    But upon reading it’s unable to implement packet-injection, it looks like I’ll have to keep waiting for an interesting iPhone app to pull me into the purchase. Guess no one’s hacked it into the wifi drivers yet.

  12. Leithoa says:

    Perhaps not as in depth as yours(I haven’t read it, sorry), but it’s not too shy on details

    And the Actual talk with slides

    [video src="" /]

  13. M4CGYV3R says:

    Use android and download/make your own. Unlike the iPhail you can actually write your own software without big company approval.

  14. biozz says:

    because i did not know about it and im not alone

    not all of us spend 25 hours a day searching peoples blogs

  15. felix says:

    IIRC you still cant use the monitormode for sniffing wireless networks, not on the iPhone also not on Android. Please correct me if I’m wrong because I’d love to be able to set up a small wireless capturing beacon for portable pentesting :)

  16. Nick Petty says:

    @leithoa, thanks for the second link, i’ve been wanting to see that. The first one was actually some of the inspiration for writing this.

  17. g33k says:

    It frustrates me no end to see this on iPhone. I’ve looked several times for similar toolkits for my Droid, to no avail. Yes, I know I can, in theory write/port it myself. Like most everyone, I’ve not got the time…

  18. felix says:

    g33k you can just load up debian on your Droid and run all those tools there

  19. mostlymac says:

    I’m assuming that since the author mentions using snowbreeze to create a custom firmware to allow for a bigger root partition that this would be incompatible with the iPhone 4?

  20. Navic says:

    I’m pretty sure all cell phone wifi cards do not support monitor mode and packet injection, hence it can’t really ‘penetrate’ but merely ‘test’ wifi connectivity if you have the right key already…. Too bad :(

  21. g33k says:

    @felix, I have read that one can load Debian, but doesn’t one lose the phone functionality?

  22. NatureTM says:

    I guess it’s fairly useful, portable, and discreet for recon, but I don’t think you’ll be doing too much actual penetration with it. Still, I loved Ettercap when I was into this stuff, and I can think of a few pranks and a few more malicious things that portable ettercap would be useful for.

    Oh, and I think Nmap should absolutely be on the list.

  23. Maave says:

    I looked into this a while ago but all the apps available seemed to be in just PoC stage.

    Any possibility of this on Android?

  24. alucardv says:

    Nokia N900 is capable of injection. Just sayin’.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Get every new post delivered to your Inbox.

Join 96,650 other followers