Search the Community

hello everybady,i am new in this forum.right now i work as penetration tester for a little compay who protects from mobile hacking.In this project I am searching for an opensource app or a leaked app that has the ability to do full jailbreak to an iPhone and get full Remote access like: uploads and downloads data from the phone,use the camera and video, record voice,gets user location,web history,list of contacts and so on.i also tried many commrical apps like:mSpy,MobileStealth and so on but they were useless.i thoungt to myself that for the start i can lure the user using spearphising or wififisher.do you have any good,working ideas for the app?

Can AirDrop be used to hack you? let's say that there is a "creative coder" (hacker) on one end of an AirDrop and an iPhone on the other could the hacker send a picture, video or file with some harmful code on it. Would this be a more modern version of bluejacking after all AirDrop does use Bluetooth? While if you have your airdrop turned off completely. But if your air drops on contacts only you would also think that you would be fine because it's not like your friends are going to try to hack you (well most people friends ours might) even on contacts only this is still a huge risk. Let me use an example out of a 100 people only 1 has airdrop on everyone his name is Bob so Bob gets hacked that not a really big deal but then Bob's phone starts airdropping to all his contacts and everyone near him with airdrop on everyone. And this same cycle happens, again and again, It's the weak link bob that got everyone infected even if they where on contacts only.

I found out that you can use the Airport Utility App to scan for active wifi on your iPhone. in the airport utility settings, toggle wi-fi scanner and the app gives you a button at the bottom for scanning WiFi. The results show SSID, BSSID, MAC addresses, RSSI, channels, and clicking on a result shows past scans signal strength and channel. This seems to be the only app that has access to the MAC address under the new IOS 11+.

Iam so curious to someone. I want know her more. Can i hack her iphone with wifi connection? or something else can i do? please help me

I found the iPhone app gps2ip and got it to send gps data to kismet on my laptop. nc -l -p 11123 | tee /dev/ttys0 When I have time I'm going try to run it on the nano. A pineapple nano and an iPhone4 would make a nice small wardriving/walking rig. If if there is any interest I can post my notes on the set up.

NetworkToolbox - Network scanning and analyzing by Marcus Roskosch https://appsto.re/us/9wa2M.i https://networktoolbox.de/ Shits extensive. I don't pay for apps willy-nilly, this one has not failed to impress. Heres a list of it's features: Features of NetworkToolbox Scan your local home- or corporate-network within seconds. Explore all connected devices and get a complete picture of your network. Over 26 individual tools are available to analyze your network, to perform various security checks or even connect to devices on your network. SCANNING – FAST AND COMPLETE The included Network scanner runs repeated scans to get the most accurate results. To prevent from being detected by Firewalls or IDS (Intrusion detection systems), the scanned addresses are selected randomly. For the fastest possible speed, scans will be performed in hundreds of concurrent tasks at the same time. This results in the fastest and most reliable scan results compared to any other app. Devices, found by the Network scanner can be further analyzed by scanning for services using the Portscan tool. Portscans may reveal known and unknown (hidden) services of devices. All tools are highly integrated. Wherever you want to dig deeper into the results of one tool, a single tap will allow you to open the internal browser, start a telnet or FTPsession, ping the host, get information about a SSL certificate, perform certain security checks and more. Scan results can also be logged and multiple scans can be compared to each other. This way, it is easy to find out, if devices have been added, removed or changed between two scans. NO NETWORK SPECIALIST – (YET) ? If you are not a network expert, don’t worry and don’t be scared. NetworkToolbox makes it easy for you to dig into those networking details. Several included How-To’s and Guides will show you how easy it is, for instance, to perform an open-port analysis. By this, you will be able to quickly scan your home network to find ports that are unintentionally open to the web. Such ports will often be used by cyber criminals to break into your internal network. The app also includes Video tutorials, samples and other learning resources. Each tool also has a comprehensive Help text that explains the purpose of each tool and how to use it. Last but not least, a Glossary is included that explains terms from A like “Access control” to Z like “Zero day”. TELNET AND SSH TERMINAL NetworkToolbox also includes a telnet or SSH terminal which allows you to connect to linux devices, routers with telnet interfaces or any other telnet or SSH device. SHODAN AND MORPHEUS DEVICE SCANNING SHODAN is a search engine that lets you find specific computers (routers, servers, etc.). SHODAN can be seen as a public port scan directory. Web search engines, such as Google and Bing, are great for finding websites. But what if you’re interested in finding computers running a certain piece of software (such as Apache)? Or if you want to know which version of Microsoft IIS is the most popular? Or you want to see how many anonymous FTP servers there are? Maybe a new vulnerability came out and you want to see how many hosts it could infect? Traditional web search engines don’t let you answer those questions. SHODAN is fully integrated in NetworkToolbox. In addition to SHODAN, NetworkToolbox integrates it’s own Device scanning engine called Morpheus. Like SHODAN, Morpheus runs on a distributed network of scanning engines around the world and can be queried from inside NetworkToolbox. ALL FEATURES : The above just shows a fraction of the possibilities of NetworkToolbox. Below is a list of features. This list may already incomplete because NetworkToolbox is being extended and updated continuously. If you are missing a feature or have questions, please feel free to ask. Local device and network information Local and public IP address Network Gateway and DNS Server addresses WiFi network information Cell network information Shodan and Morpheus search engines DNS lookup Reverse DNS lookup IP Geo-Location Provider information MX, NS, SOA DNS Server record information Graphical PING Network Scan Shows Device Type MAC address Device Network name Device Vendor Individual names can be assigned Port Scan Individual port ranges Traceroute Telnet client FTP client SSH client SFTP client HTTP Header analyzer Internal Webbrowser Individual User-Agents to mimic iPhone, Windows PC, Mac Individual Mime types Standard password test function HTTP traversal exploit test function Source display with syntax highlighting XML browser Website Spider WEB-Service analyzer Individual Endpoint, Service header and body GET, PUT, POST methods XML, JSON, plain-text SOAP, REST support Results will be displayed in a drill-down browser SSL Certificate inspector Bonjour scanner Bluetooth LE (4.0) scanner Port forward tool MAC address database IP address calculation Security check tool Router exploit tests mongoDB exploit test and more Mail server check Reports mail client settings Identifies mail server issues Glossary Logbook To collect scan results To remember Addresses and links To compare two scan results and find differences Ability to integrate external apps For instance, your preferred VNC or SSH app can be fully integrated Support URL-Scheme Other apps can call NetworkToolbox e.g. to use the WebService tool Additional resources and links Vulnerability databases Exploit archive Internet Storm Center and definitely much more…

Hi Just got my first nano, hooked it up. And decided to have a look at it, just a breif play, went into recon found what I would expect for around where I live. So went into pineAP selected everything and started the deamon. On the main page I think it said 5 ssid's and 0 clients, now the problem is I've not been getting any clients (I was looking at it for quite a few hours), even when Ive been selecting my own stuff and deauth'ing it etc. I was watching my iphone while this was running, every few seconds the current network would switch to an unsecured one (which was the nano pineap in action, when I turned it off it stopped doing it), but would then switch right back again to the correct network, my secure one rather than sticking with the nanos insecure one. While this was happening there was no clients in the main screen. Now ive been refreshing these screens for as long as I was giving it a go, its not just my iphone I was looking at, tho my iphone mac address never seemed to be listed in the recon, but guessing this could be missed. I was expecting to get at least one client I could look at, but nothing. Any advice, know how on whats going on would be great, seemed to me the iphone new that it was on the wrong network and switched back. Anyway Thanks in advance for any advice.

If anyone is interested I managed to control an iPhone with a USB rubber ducky quite simply by using a lightning to usb converter. If you have any suggestions on the practical applications of this please leave a reply. link to video demonstration:

Can we bypassing HSTS by using this MITM technique? The attack works on latest versions of iOS including iOS 8.1.1 and On most Android devices. Source: https://blog.zimperium.com/doubledirect-zimperium-discovers-full-duplex-icmp-redirect-attacks-in-the-wild/

Hi all, Is there a way to load multiple payloads for different mobile phones on to one Rubber Ducky, and then get the payload to recognise the model of the phone it has been plugged in to and run the appropriate payload? Thank you, Haze

Hi all, Apologies if this has been asked before, I'm new here and I had a good look around the forum but couldn't find anything related. When using the Rubby Ducky to run commands on a mobile phone, you have to of course use the equivilent of keyboard shortcuts, for example the shortcuts found here; http://www.pcworld.com/article/184656/android_keyboard_shortcuts.html Is there a website or resource available that lists the shortcuts for multiple phones, so regardless of which mobile phone I wanted to create a payload for, I could easily look up the shortcuts required to type up the payload? It'd be nice to not have to scour the internet for an hour each time I wish to create a payload for a different phone, trying to find it's keyboard shortcuts. Thanks all, Haze

On of the guys I work for wanted to print some documents from his iPhone and iPad. I started looking up software. Seems only a few printers work with iPhone and iPad. I would have thought that any network attached printer would work. But they are not all airprint compatible. The printer he's wanting to print to is a LaserJet P2030 series. I wasn't sure if there was an app that would work for this. There is a Windows machine there as well. So I had thought about setting file sharing betweent he phone and and Windows machine so he could drag and drop the documents to the PC and use a VNC viewer to print from Windows but that is a lot more steps than just printing from the iPhone. So is there an easy work around for this?

So guys, I got a little setup problem My setup: iPhone 4S , wifi tethering, and the wifi pineapple! What I want to do: boot up both devices, connect iPhone to wifi pineapple, startup everything ( actually just tcpdump at the moment, maybe also deauth ) after that, do something magic and start wifi tethering on the iPhone and let the pineapple connect to it ( maybe put something in the dip switch so it connects automatically to the iPhone, but I don't know how ) Does someone know an answer to this? Greetz, Roman

Hey! I will use my Wifi Pineapple Mark V without the RJ-45 connection. So that when i go out with the pineapple i can make a Monitoring on my Iphone. (The pineapple is physical only connect with the power from the storage battery) With my Hardware i hope i can make a huawei Network in which is the pineapple on wlan1 and my device like iPhone. I know that i have to use an hub and not a switch for the Network traffic. Maybe the huawei is not the right hardware? How i can make my Monitoring? My Hardware: -Wifi Pineapple Mark V -Huawei Mobile WiFi E5776 with SIM-Card

i have a bunch of older smartphones a samsung moment is one im trying to figure out how to deploy payloads with cellphones as an alternitive to usb with a standard charger micro usb a samsung moment or android phone as the attack device like store the payloads on sd caed and embedd the payloads in pictures videos etc to me tranferd via email bluetooth post pictures to social media and when someone saves picture to device payload is executed and i am new to the community as well as payloads for remote controlling phones remote root ota over the air password grab cache copy dos ddos redirect to phishing page overclock and zip bomb and chain to make target phone distribute payload to gather network infomation on outher devices without knowing it with option to send new pay load to a device in chain and reports sent from all chain device to one deployer email and the idea is great but i need help to know how too do this as well as use my old samsung moment to inject payloads to computer or anything with a usb port includeing routers to exploit please help and any links or how too on third party deployment would be a great help

~This if f.y.i I am not responsible for what you do or if you damage your device~ Hey guys. i found out this trick to fake your ios version!!! OK lets say your like me and you have a older model of the iPhone (i have a 2g). But you want to get apps (ipas or from the appstore) that aren't for your ios version. Well here is how you can fake your ios version!! 1. Get ifile on your ipod or ssh into your iphone. ** 2. Go to the root of your iphone... 3. Go to system... 4. Go to Library (in the system folder) 5. Go to CoreServices (in the Library folder) 6. Open SystemVersion.plist 7. Edit the product version key. (i set mine to 6.0.1). 8. Read the **... 9. Enjoy.... ** I recommend using ifile it is easier... Plus just know this wont work for all apps but it will work for some if your lucky..... Good luck!!! :)