Web Hacking

Although we cannot get more robust applications loaded onto the iPod touch, such as Core IMPACT or HP WebInspect, there are still some good applications available. For example Nikto open-source (GPL) Web server scanner version information; Nikto is a Perl application available for download at http://cirt .net/nikto2.
Ranked #12 of the top 100 network security tools by Insecure.org, Nikto will scan a server for configuration files, cgi applications, outdated version information, and a multitude of other bits of data that can be useful in a penetration test. Although most of the work done by Nikto focuses on information gathering, it does a pretty good job of identifying potential vulnerabilities when found.

Wireless Attacks

Unfortunately, the iPod touch’s wireless chip cannot be placed into promiscuous or monitor mode, meaning we cannot obtain wireless data necessary to conduct brute force attacks against wireless access points using encryption. There are other mobile devices that can be set for promiscuous or monitor mode, so if a brute force attack is an absolute necessity, there are options available. However, there is an application that can intercept traffic on a wireless network called “Pirni,” written by Axel Moller also available through Cydia.
The program is configured to intercept all traffic intended for the default router (192.168.1.1 in this particular network) through ARP spoofing. Based on the Berkley Packet Filter (BPF) values, the only traffic that will be collected is TCP segments leaving the network, destined for port 80. The BPF can be modified to capture whatever type of traffic we are after. The Regex Options are used to immediately capture interesting packets, such as usernames and passwords.
Continue reading