Post-exploitation on Apple iDevices

Apple has been known for its secure services deployed in its iDevices, which are iPhone, iPad, and so on. Testing iDevices from the perspective of a penetration tester is troublesome and complex. However, if an iDevice is jail broken, this task becomes much easier to perform.

Our discussion here will focus on testing an iDevice in a jail broken environment. We assume that we have the SSH access to the target by fate or by exploiting an SSH vulnerability in the iDevice.

Tip

You can learn about exploiting the SSH service at http://www.youtube.com/watch?v=1JmUIyfWEzc

Exploiting iOS with Metasploit

After we have seen how to exploit the SSH vulnerability from the preceding resource, let's move on and try to log in to ...

Get Mastering Metasploit now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.