Vulnerability Identification
There are numerous commercial tools available to a professional penetration tester who conducts vulnerability identification; unfortunately, none of them have been ported to the iPod touch.
The Nmap application has the ability to use scripts that interpret the Nmap findings and attempt to identify vulnerabilities; however, the development of Nmap as a vulnerability scanning application does not have the support that other programs do, such as Nessus or Core IMPACT (to name a couple).
Perhaps a better alternative is to use the iPod touch as a pivot for more robust vulnerability scanners.
I would say that the use of the iPod touch as a platform to conduct a pivot attack seems to be a better option for conducting a vulnerability identification scan than trying to use Nmap or doing the identification manually.
Vulnerability Exploitation
We can use an agent deployed on the iPod touch to conduct vulnerability exploitation, similar to the way an agent can be used to perform vulnerability identification. Again, Core IMPACT would be a good choice for such an attack. However, there is an application framework that can perform vulnerability exploitation, which can be installed using Cydia – the Metasploit 3.0
Similar to the traditional application installed on laptops or desktops, the Metasploit application can be run from the command line on the iPod touch, from which we can launch exploits against servers with greater confidence in their stability and accuracy.
For those who prefer the Metasploit Web-based exploit application, we can use that on the iPod touch as well. In Figure 12.9, we see the front Web page of the Metasploit Framework Web console (iPod:~ root# msfweb &). Although not as reliable as the command-line method, the Web console makes it easier to visualise attacks and select payloads. The preference of one over the other is up to the user.
Another alternative to vulnerability exploitation is to create our own exploit code or download it from a Web site, such as milw0rm.org. In order to take advantage of the scripts available on the milw0rm.org site, we need to have some programming languages installed.
Perl, Python, bash, and Ruby are all available for use. The GNU C Compiler can also be installed, which will allow us to use those exploits that need to be compiled. With these different programming languages available, we should be able to compile any exploit we find on the Internet.
If we need to do some packet manipulation, we can install the scapy application, available at http://www.secdev.org/projects/scapy/.
Nevertheless, one disadvantage of the iPod touch is that there are no applications that can be installed which will read and display pcap files (files of captured packets). To view the packets, it is necessary to download any pcap files onto a remote system and read them offline. This will also be a problem when we conduct wireless attacks using the iPod touch.
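Because the captures have to be moved to another system and read there, it helps to know how little is actually needed to read a classic libpcap file. The following is an added example, not code from the book or from any tool it mentions: a dependency-free reader that parses the 24-byte pcap global header (honouring the byte order given by the magic number), walks the per-packet record headers, refuses truncated files, and prints a one-line summary of each Ethernet/IPv4 frame. The capture it reads is constructed in memory by build_sample_pcap(), with zeroed checksums and made-up addresses, so it runs offline.

```python
"""Minimal classic-pcap reader with Ethernet/IPv4/TCP/UDP summaries.
Added example: the sample capture is constructed inline, not a real capture."""
import socket
import struct
from typing import Dict, List, Optional

PCAP_MAGIC = 0xA1B2C3D4  # microsecond-resolution libpcap magic number
LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP, IPPROTO_UDP = 6, 17


def parse_pcap(data: bytes) -> List[Dict]:
    """Return records {ts, incl_len, orig_len, frame} from pcap bytes.
    Byte order comes from the magic number; truncated input raises ValueError."""
    if len(data) < 24:
        raise ValueError("file shorter than the 24-byte pcap global header")
    if data[:4] == b"\xd4\xc3\xb2\xa1":      # 0xa1b2c3d4 stored little-endian
        endian = "<"
    elif data[:4] == b"\xa1\xb2\xc3\xd4":    # 0xa1b2c3d4 stored big-endian
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (unrecognised magic)")
    _major, _minor, _tz, _sigfigs, snaplen, linktype = struct.unpack(
        endian + "HHiIII", data[4:24])
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError(f"unsupported link type {linktype}")
    records, offset = [], 24
    while offset < len(data):
        if offset + 16 > len(data):
            raise ValueError(f"truncated record header at byte {offset}")
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(
            endian + "IIII", data[offset:offset + 16])
        offset += 16
        if incl_len > snaplen or offset + incl_len > len(data):
            raise ValueError(f"truncated packet data at byte {offset}")
        records.append({"ts": ts_sec + ts_usec / 1e6, "incl_len": incl_len,
                        "orig_len": orig_len, "frame": data[offset:offset + incl_len]})
        offset += incl_len
    return records


def summarize_frame(frame: bytes) -> Optional[Dict]:
    """Decode Ethernet + IPv4 (+ TCP/UDP ports); None if the frame is not IPv4."""
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        return None
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                 # header length in bytes
    summary = {"src": socket.inet_ntoa(ip[12:16]), "dst": socket.inet_ntoa(ip[16:20]),
               "proto": ip[9], "sport": None, "dport": None}
    l4 = ip[ihl:]
    if summary["proto"] in (IPPROTO_TCP, IPPROTO_UDP) and len(l4) >= 4:
        summary["sport"], summary["dport"] = struct.unpack("!HH", l4[:4])
    return summary


def summarize_capture(data: bytes) -> List[str]:
    """One human-readable line per record, in capture order."""
    names = {IPPROTO_TCP: "TCP", IPPROTO_UDP: "UDP"}
    lines = []
    for rec in parse_pcap(data):
        s = summarize_frame(rec["frame"])
        if s is None:
            lines.append(f"{rec['ts']:.6f} non-IPv4 frame ({rec['incl_len']} bytes)")
        else:
            lines.append(f"{rec['ts']:.6f} {names.get(s['proto'], str(s['proto']))} "
                         f"{s['src']}:{s['sport']} -> {s['dst']}:{s['dport']} "
                         f"({rec['incl_len']} bytes)")
    return lines


def _ipv4_frame(src: str, dst: str, proto: int, sport: int, dport: int) -> bytes:
    """Constructed Ethernet/IPv4 frame with a bare TCP or UDP header
    (checksums left zero: test data only, not a valid on-wire packet)."""
    if proto == IPPROTO_TCP:   # sport, dport, seq, ack, offset, flags(SYN), win, csum, urg
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x02, 8192, 0, 0)
    else:                      # sport, dport, length, csum
        l4 = struct.pack("!HHHH", sport, dport, 8, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 1, 0, 64, proto, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + \
        struct.pack("!H", ETHERTYPE_IPV4)
    return eth + ip + l4


def build_sample_pcap() -> bytes:
    """Constructed two-packet little-endian capture (addresses are made up)."""
    header = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    frames = [
        (1_700_000_000, 1000, _ipv4_frame("10.0.0.5", "10.0.0.20", IPPROTO_TCP, 49152, 22)),
        (1_700_000_000, 2500, _ipv4_frame("10.0.0.20", "10.0.0.5", IPPROTO_UDP, 53, 49153)),
    ]
    return header + b"".join(struct.pack("<IIII", s, us, len(f), len(f)) + f
                             for s, us, f in frames)


if __name__ == "__main__":
    for line in summarize_capture(build_sample_pcap()):
        print(line)
```

To read a real file captured on the device, replace build_sample_pcap() with the bytes of the copied .pcap; the reader stops with a ValueError rather than silently truncating when a transfer was cut short, which is the most common reason a copied capture looks empty.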