Search the Community
Showing results for tags 'ios'.
Found 2 results
Hi, Doing some security testing/learning in my home lab again, this time using an iOS phone. Does anyone know how the Two-Factor-Authentication for iOS devices determines whether the device logging in is indeed a 'Trusted Device'? Does it use the MAC address of the device, the IP address, a file on the device? I'm using a Kali box to see if I can log in to the iCloud without it asking for Two-Factor-Authentication; tricking the login in to thinking that the Kali box is actually the trusted iOS phone. In order to do so, I need to narrow down how the iOS login determines that the device is trusted. So far, I've found; I assume this means that a file must be saved on the device somewhere? Thank you.
NetworkToolbox - Network scanning and analyzing by Marcus Roskosch https://appsto.re/us/9wa2M.i https://networktoolbox.de/ Shits extensive. I don't pay for apps willy-nilly, this one has not failed to impress. Heres a list of it's features: Features of NetworkToolbox Scan your local home- or corporate-network within seconds. Explore all connected devices and get a complete picture of your network. Over 26 individual tools are available to analyze your network, to perform various security checks or even connect to devices on your network. SCANNING – FAST AND COMPLETE The included Network scanner runs repeated scans to get the most accurate results. To prevent from being detected by Firewalls or IDS (Intrusion detection systems), the scanned addresses are selected randomly. For the fastest possible speed, scans will be performed in hundreds of concurrent tasks at the same time. This results in the fastest and most reliable scan results compared to any other app. Devices, found by the Network scanner can be further analyzed by scanning for services using the Portscan tool. Portscans may reveal known and unknown (hidden) services of devices. All tools are highly integrated. Wherever you want to dig deeper into the results of one tool, a single tap will allow you to open the internal browser, start a telnet or FTPsession, ping the host, get information about a SSL certificate, perform certain security checks and more. Scan results can also be logged and multiple scans can be compared to each other. This way, it is easy to find out, if devices have been added, removed or changed between two scans. NO NETWORK SPECIALIST – (YET) ? If you are not a network expert, don’t worry and don’t be scared. NetworkToolbox makes it easy for you to dig into those networking details. Several included How-To’s and Guides will show you how easy it is, for instance, to perform an open-port analysis. By this, you will be able to quickly scan your home network to find ports that are unintentionally open to the web. Such ports will often be used by cyber criminals to break into your internal network. The app also includes Video tutorials, samples and other learning resources. Each tool also has a comprehensive Help text that explains the purpose of each tool and how to use it. Last but not least, a Glossary is included that explains terms from A like “Access control” to Z like “Zero day”. TELNET AND SSH TERMINAL NetworkToolbox also includes a telnet or SSH terminal which allows you to connect to linux devices, routers with telnet interfaces or any other telnet or SSH device. SHODAN AND MORPHEUS DEVICE SCANNING SHODAN is a search engine that lets you find specific computers (routers, servers, etc.). SHODAN can be seen as a public port scan directory. Web search engines, such as Google and Bing, are great for finding websites. But what if you’re interested in finding computers running a certain piece of software (such as Apache)? Or if you want to know which version of Microsoft IIS is the most popular? Or you want to see how many anonymous FTP servers there are? Maybe a new vulnerability came out and you want to see how many hosts it could infect? Traditional web search engines don’t let you answer those questions. SHODAN is fully integrated in NetworkToolbox. In addition to SHODAN, NetworkToolbox integrates it’s own Device scanning engine called Morpheus. Like SHODAN, Morpheus runs on a distributed network of scanning engines around the world and can be queried from inside NetworkToolbox. ALL FEATURES : The above just shows a fraction of the possibilities of NetworkToolbox. Below is a list of features. This list may already incomplete because NetworkToolbox is being extended and updated continuously. If you are missing a feature or have questions, please feel free to ask. Local device and network information Local and public IP address Network Gateway and DNS Server addresses WiFi network information Cell network information Shodan and Morpheus search engines DNS lookup Reverse DNS lookup IP Geo-Location Provider information MX, NS, SOA DNS Server record information Graphical PING Network Scan Shows Device Type MAC address Device Network name Device Vendor Individual names can be assigned Port Scan Individual port ranges Traceroute Telnet client FTP client SSH client SFTP client HTTP Header analyzer Internal Webbrowser Individual User-Agents to mimic iPhone, Windows PC, Mac Individual Mime types Standard password test function HTTP traversal exploit test function Source display with syntax highlighting XML browser Website Spider WEB-Service analyzer Individual Endpoint, Service header and body GET, PUT, POST methods XML, JSON, plain-text SOAP, REST support Results will be displayed in a drill-down browser SSL Certificate inspector Bonjour scanner Bluetooth LE (4.0) scanner Port forward tool MAC address database IP address calculation Security check tool Router exploit tests mongoDB exploit test and more Mail server check Reports mail client settings Identifies mail server issues Glossary Logbook To collect scan results To remember Addresses and links To compare two scan results and find differences Ability to integrate external apps For instance, your preferred VNC or SSH app can be fully integrated Support URL-Scheme Other apps can call NetworkToolbox e.g. to use the WebService tool Additional resources and links Vulnerability databases Exploit archive Internet Storm Center and definitely much more…