Make IPhone A Penetration Testing Tool

[Nicholas Petty] has posted a guide to setting up your iPhone as a penetration tester. You already carry it around with you and, although not too beefy, it does have the hardware you need to get the job done. So if you’re not interested in building a drone or carrying around a boxy access point try this out. The first step is to jailbreak your device and setup OpenSSH so that you can tunnel in for the rest of the setup. From there the rest of the setup is just acquiring build tools and compiling pentesting programs like Aircrack-ng, Ettercap, Nikto2, and the Social Engineering Toolkit. You’ll be up to no good testing your wireless security in no time.

27 thoughts on “Make IPhone A Penetration Testing Tool

  1. Came here to say “Ok, NOW I’ll get an iPhone.”

    But upon reading it’s unable to implement packet-injection, it looks like I’ll have to keep waiting for an interesting iPhone app to pull me into the purchase. Guess no one’s hacked it into the wifi drivers yet.

  2. IIRC you still cant use the monitormode for sniffing wireless networks, not on the iPhone also not on Android. Please correct me if I’m wrong because I’d love to be able to set up a small wireless capturing beacon for portable pentesting :)

  3. It frustrates me no end to see this on iPhone. I’ve looked several times for similar toolkits for my Droid, to no avail. Yes, I know I can, in theory write/port it myself. Like most everyone, I’ve not got the time…

  4. I’m pretty sure all cell phone wifi cards do not support monitor mode and packet injection, hence it can’t really ‘penetrate’ but merely ‘test’ wifi connectivity if you have the right key already…. Too bad :(

  5. I guess it’s fairly useful, portable, and discreet for recon, but I don’t think you’ll be doing too much actual penetration with it. Still, I loved Ettercap when I was into this stuff, and I can think of a few pranks and a few more malicious things that portable ettercap would be useful for.

    Oh, and I think Nmap should absolutely be on the list.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.