
Saturday, January 21, 2012

Install Metasploit on iPhone 4S [MSF Installer Script]

Good evening. I made some updates to my old Metasploit installer script, and this time I tested it and it works well. All you have to do is download the script to your iDevice, make it executable and execute it, and you will have Metasploit installed on your iDevice.

To get started we need an SSH connection, so you must install OpenSSH from Cydia (use Google to see how to connect to your iDevice with an SSH client) and connect to your iDevice via SSH (or you can use MobileTerminal directly). We also need wget and aptitude installed (install them from Cydia) before starting the script.

After connecting to your iDevice via SSH, type this:

wget http://khalil_ounis.byethost4.com/msf_installer_v3.sh


Make it executable:

chmod +x msf_installer_v3.sh


Execute the script:

./msf_installer_v3.sh


Now you should have Metasploit installed on your device; you can call msfconsole or msfcli. Happy penetration :)

To update Metasploit, type this from the shell:

aptitude install subversion


After that, go to the msf3 folder:

cd /var/msf3


and run svn update:

svn update




And this is the source code of the script:

#!/bin/bash
# Author: Khalil Ounis
# Description: iDevice Metasploit Auto Installer Script Version 3
# Web Site: www.89geek.com

ROOT_UID=0
VARDIR=/private/var/
CURRDIR=`pwd`
E_NODIR=1
E_CANTRESOLVE=4
E_NOTROOT=67
E_CMDNOTFOUND=127

clear

[ "$UID" != "$ROOT_UID" ] && {
echo "This script must be run as root";
exit $E_NOTROOT;
}

echo "Metasploit Installer Script V3 - By Khalil Ounis"
echo "For iDevices - www.89geek.com"
echo "Press any key to continue..."
read

echo -n "Removing ruby and rubygems... "
aptitude -y remove ruby rubygems &>/dev/null
[ $? -eq $E_CMDNOTFOUND ] && {
echo "aptitude not installed, use cydia to install it.";
echo "installation aborted.";
exit $E_CMDNOTFOUND;
}

echo "Done"

cd $VARDIR &> /dev/null
[ $? -eq $E_NODIR ] && {
echo "Can't access to $VARDIR, check your folder.";
exit $E_NODIR;
}

wget &>/dev/null
[ $? -eq $E_CMDNOTFOUND ] && {
echo "wget not installed. Installing wget";
aptitude -y install wget &>/dev/null;
}

echo -n "Download ruby_1.8.6-p111-5_iphoneos-arm.deb... "
[ -f ruby_1.8.6-p111-5_iphoneos-arm.deb ] && rm ruby_1.8.6-p111-5_iphoneos-arm.deb &>/dev/null

wget http://apt.saurik.com/dists/tangelo-0.9/main/binary-iphoneos-arm/debs/ruby_1.8.6-p111-5_iphoneos-arm.deb &>/dev/null

# Abort on any wget failure, not only exit code 4 (network failure)
[ $? -ne 0 ] && {
echo "Can't access saurik server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download rubygems_1.2.0-3_iphoneos-arm.deb... "
[ -f rubygems_1.2.0-3_iphoneos-arm.deb ] && rm rubygems_1.2.0-3_iphoneos-arm.deb &>/dev/null

wget http://apt.saurik.com/dists/tangelo-0.9/main/binary-iphoneos-arm/debs/rubygems_1.2.0-3_iphoneos-arm.deb &>/dev/null

# Abort on any wget failure, not only exit code 4 (network failure)
[ $? -ne 0 ] && {
echo "Can't access to saurik server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download framework-3.5.2.tar.bz2... "
[ -f framework-3.5.2.tar.bz2 ] && rm framework-3.5.2.tar.bz2 &>/dev/null
wget http://downloads.metasploit.com/data/releases/archive/framework-3.5.2.tar.bz2 &>/dev/null

# Abort on any wget failure, not only exit code 4 (network failure)
[ $? -ne 0 ] && {
echo "Can't access metasploit server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Installing ruby... "
dpkg -i ruby_1.8.6-p111-5_iphoneos-arm.deb &>/dev/null

[ $? -ne 0 ] && {
echo "Problem occurred, installation aborted";
exit 1;
}

echo "Done"

echo -n "Installing rubygems... "
dpkg -i rubygems_1.2.0-3_iphoneos-arm.deb &>/dev/null

[ $? -ne 0 ] && {
echo "Problem occurred, installation aborted";
exit 1;
}

echo "Done"

echo -n "Decompressing framework-3.5.2.tar.bz2... "
tar -jxf framework-3.5.2.tar.bz2
[ $? -ne 0 ] && {
echo "Problem occurred while decompressing archive.";
echo "installation aborted";
exit 1;
}

echo "Done"

echo -n "Removing downloaded files... "
rm framework-3.5.2.tar.bz2 ruby_1.8.6-p111-5_iphoneos-arm.deb rubygems_1.2.0-3_iphoneos-arm.deb &>/dev/null
[ $? -ne 0 ] && echo "Can't remove downloaded files, step skipped!"
echo "Done"

echo -n "Creating Links... "
cd /bin
[ $? -eq $E_NODIR ] && {
echo "Can't access to bin directory";
echo "installation aborted";
exit $E_NODIR;
}

# -f replaces links left over from a previous run
ln -sf /private/var/msf3/msfconsole ./msfconsole
ln -sf /private/var/msf3/msfcli ./msfcli

echo "Done"
echo "Done... Metasploit Installed"

cd $CURRDIR

exit 0


Good luck !!!
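
The installer above downloads its packages over plain HTTP and installs them as root, testing only for wget exit code 4, and a reader in the comments ended up executing an HTML page that had been saved under the script's name. The following is an added example, not part of the author's script: a download wrapper that forces the output name, fails on any wget error, rejects HTML responses and checks a pinned SHA-256 before anything reaches dpkg or tar. The function names are hypothetical and the digest is a placeholder to be recorded from a copy you trust; it assumes sha256sum or shasum is present on the device.

```shell
#!/bin/bash
# Added example (not part of msf_installer_v3.sh). Function names are
# hypothetical; pinned digests are placeholders you must fill in yourself.

# Print the SHA-256 of a file with whichever tool is available.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Return 0 only if the file exists, is not an HTML page and matches the
# pinned digest. Codes: 2 = missing/empty, 3 = HTML, 4 = digest mismatch.
verify_download() {
    local file="$1" expected="$2" actual
    [ -s "$file" ] || return 2
    # Hosting providers often answer with an HTML page instead of the file.
    if head -c 512 "$file" | LC_ALL=C grep -qiE '<!DOCTYPE|<html'; then
        return 3
    fi
    actual=$(sha256_of "$file")
    [ "$actual" = "$expected" ] || return 4
    return 0
}

# Download to an exact name (-O stops wget from writing "name.1",
# "name.2", ...), fail on ANY wget error, then verify before use.
fetch_verified() {
    local url="$1" out="$2" expected="$3"
    rm -f -- "$out"
    wget -q -O "$out" "$url" || { rm -f -- "$out"; return 1; }
    verify_download "$out" "$expected" || { rm -f -- "$out"; return 1; }
}

# Usage inside an installer (digest is a placeholder, not a real value):
#   fetch_verified "$URL" ruby.deb "<sha256-of-trusted-copy>" \
#       && dpkg -i ruby.deb
```
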

38 comments:

  1. db_autopwn
    working?

    1. www.89geek.com/2012/02/install-metasploit-and-mysql-on-idevice.html

  2. Add a check of the berkeleydb installation, I had some problems without it. Or do this before running the script:
    # aptitude install berkeleydb

    1. thank you, but you have to be more specific, which problems you got... because i guess there is no relation between berkeleydb and metasploit

  3. Worked Smooth, but can't figure out how to install MySql or PostgreSQL into iphone to connect with msf.

    any hint much appreciate it.

    1. i already installed mysql, and it works perfect... the problem is metasploit does not detect it... I'm still working on it

    2. Can you please tell us how to install mysql ? am really frustrated since yesterday trying to figure it out but no luck. is it direct Cydia install (i don't think so)

    3. connect to your idevice via SSH... download mysql:

      wget http://khalil_ounis.byethost4.com/mysql_5.0.83-4-1_iphoneos-arm.deb

      install it:

      dpkg -i mysql_5.0.83-4-1_iphoneos-arm.deb

      and if you are using sbsettings, you can download mysql toggle:

      wget http://khalil_ounis.byethost4.com/mysqltoggle_1.0-1-1_iphoneos-arm.deb

      and we install it via:

      dpkg -i mysqltoggle_1.0-1-1_iphoneos-arm.deb

      and that's what you will get:

      http://khalil_ounis.byethost4.com/IMG_0155.PNG

      Good luck :)

    4. you can try the new script:
      www.89geek.com/2012/02/install-metasploit-and-mysql-on-idevice.html

  4. Now db_autopwn works, with mysql... i will write a new script, i will upload it this evening.

  5. hi there,
    could you tell me please why svn update isn't working for me ?

    1. Hi, you can install svn with aptitude, use the following:

      aptitude -y install subversion

      but, if you want db_autopwn to work, you must stay away from making update to metasploit
      Good luck.

    2. hi,

      after all the installation its not working for me :( still i'm getting ruby 1.9.1 error but im using 1.8.1 :(


      ./msfconsole
      /private/var/msf3/lib/fastlib.rb:368:in `fastlib_original_require': no such file to load -- securerandom (LoadError)
      from /private/var/msf3/lib/fastlib.rb:368:in `require'
      from /private/var/msf3/lib/gemcache/ruby/1.9.1/gems/activesupport-3.2.2/lib/active_support.rb:24
      from /private/var/msf3/lib/fastlib.rb:368:in `fastlib_original_require'
      from /private/var/msf3/lib/fastlib.rb:368:in `require'
      from /private/var/msf3/lib/gemcache/ruby/1.9.1/gems/activerecord-3.2.2/lib/active_record.rb:24
      from /private/var/msf3/lib/fastlib.rb:368:in `fastlib_original_require'
      from /private/var/msf3/lib/fastlib.rb:368:in `require'
      from /private/var/msf3/lib/msf/core/db_manager.rb:1
      ... 14 levels...
      from /private/var/msf3/lib/msf/ui.rb:10
      from /private/var/msf3/lib/fastlib.rb:368:in `fastlib_original_require'
      from /private/var/msf3/lib/fastlib.rb:368:in `require'
      from ./msfconsole:128

    3. Hi,

      what do you mean by "installation its not working"? did you get an error while executing script?

    4. You can still get db_autopwn after the update but it's officially removed from the packages due to its instability. If you still want to use it, you can download a ruby plugin for it from my github page - https://raw.github.com/jedivind/metasploit-framework/autopwn-modules/plugins/db_autopwn.rb

    5. Thank you vinay, i didn't work on metasploit since i wrote this script. i will make updates soon.

      Good luck!

  6. Hey, when I'm using your script there is an error like this can you please help me to solve this problem PLEASE ....


    ASHISH:/private/var root# ./msf_installer_v3.sh
    Metasploit Installer Script V3 - By Khalil Ounis
    For iDevices - www.89geek.com
    Press any key to continue...

    Removing ruby and rubygems... Done
    Download ruby_1.8.6-p111-5_iphoneos-arm.deb... Done
    Download rubygems_1.2.0-3_iphoneos-arm.deb... Done
    Download framework-3.5.2.tar.bz2... Done
    Istalling ruby... Done
    Installing rubygems... Done
    Decompressing framework-3.5.2.tar.bz2... tar (child): framework-3.5.2.tar.bz2: Cannot open: No such file or directory
    tar (child): Error is not recoverable: exiting now
    tar: Child returned status 2
    tar: Exiting with failure status due to previous errors
    Problem occurred while decompressing archive.
    installation aborted

    1. Hi,

      Maybe you have a space problem, i guess we have to do the installation manually. if you want that, add me on facebook https://www.facebook.com/khalil.ounis we can start from there.

      good luck

  7. Hi, Khalil

    svu update command not working for me can you please help me...
    i have also installed subversion still i m getting this error
    -sh: svu: command not found

    1. Hi there

      it's svn not svu, and as i said before, after svn update db_autopwn will not work.

      good luck ;)

    2. hey thanks for reply after svn update my framework is not working im getting ruby error



      /private/var/msf3/lib/fastlib.rb:368:in `fastlib_original_require': no such file to load -- securerandom (LoadError)
      from /private/var/msf3/lib/fastlib.rb:368:in `require'
      from /private/var/msf3/lib/gemcache/ruby/1.9.1/gems/activesupport-3.2.2/lib/active_support.rb:24
      from /private/var/msf3/lib/fastlib.rb:368:in `fastlib_original_require'
      from /private/var/msf3/lib/fastlib.rb:368:in `require'
      from /private/var/msf3/lib/gemcache/ruby/1.9.1/gems/activerecord-3.2.2/lib/active_record.rb:24
      from /private/var/msf3/lib/fastlib.rb:368:in `fastlib_original_require'
      from /private/var/msf3/lib/fastlib.rb:368:in `require'
      from /private/var/msf3/lib/msf/core/db_manager.rb:1
      ... 14 levels...
      from /private/var/msf3/lib/msf/ui.rb:10
      from /private/var/msf3/lib/fastlib.rb:368:in `fastlib_original_require'
      from /private/var/msf3/lib/fastlib.rb:368:in `require'
      from ./msfconsole:128

    3. that's because ruby 1.9.1, try this:

      aptitude -y remove ruby &>/dev/null

      wget http://apt.saurik.com/dists/tangelo-0.9/main/binary-iphoneos-arm/debs/ruby_1.8.6-p111-5_iphoneos-arm.deb &>/dev/null

      dpkg -i ruby_1.8.6-p111-5_iphoneos-arm.deb &>/dev/null

    4. This comment has been removed by the author.

    5. Not found this:

      aptitude -y remove ruby &>/dev/null

      wget http://apt.saurik.com/dists/tangelo-0.9/main/binary-iphoneos-arm/debs/ruby_1.8.6-p111-5_iphoneos-arm.deb &>/dev/null

      dpkg -i ruby_1.8.6-p111-5_iphoneos-arm.deb &>/dev/null

    6. what do you mean by you didn't find this? the link works

  8. Khalil, can you help me figure this out? I've tried installing msf_installer_v3.sh but it didn't work for some reason. Now i'm trying with v4 and this is what I got.


    Metasploit Installer Script V4 - By Khalil Ounis
    For iDevices - www.89geek.com
    Press any key to continue...

    Removing some packages... Done
    Download lua_5.1.4-1_iphoneos-arm.deb... Done
    Download libpcap_1.1.1-4-1_iphoneos-arm.deb... Done
    Download nmap_5.51-2-1_iphoneos-arm.deb... Done
    Download iconv_1.14-1_iphoneos-arm.deb... Done
    Download zlib_1.2.3-1_iphoneos-arm.deb... Done
    Download ruby_1.9.2-p180-1-1_iphoneos-arm.deb... Done
    Download mysql_5.0.83-4-1_iphoneos-arm.deb... Done
    Download mysqltoggle_1.0-1-1_iphoneos-arm.deb... Done
    Download framework-3.5.2.tar.bz2... Done
    Installing inetutils... Done
    Istalling lua_5.1.4-1_iphoneos-arm.deb... Done
    Istalling libpcap_1.1.1-4-1_iphoneos-arm.deb... Done
    Istalling nmap_5.51-2-1_iphoneos-arm.deb... Done
    Istalling iconv_1.14-1_iphoneos-arm.deb... Done
    Istalling zlib_1.2.3-1_iphoneos-arm.deb... Done
    Istalling ruby_1.9.2-p180-1-1_iphoneos-arm.deb... Done
    Istalling mysql_5.0.83-4-1_iphoneos-arm.deb and mysqltoggle_1.0-1-1_iphoneos-arm.deb... Problem occurred, installation aborted

    What's the problem??

    1. Hi there,

      let's see what you got exactly, do this:

      aptitude -y remove mysql mysqltoggle

      dpkg -i mysql*

      and tell me what you get

  9. Hey Khalil, check the comment section of your second page (installer v4) for my next reply. I'm the anonymous from above and will be /root from now on.

  10. I've been searching for a tutorial like this. Thank You for your hard work. To my question:
    The process in my phone went up to this point:

    Removing ruby and rubygems... Done
    Download ruby_1.8.6-p111-5_iphoneos-arm.deb... Done
    Download rubygems_1.2.0-3_iphoneos-arm.deb... Done
    Download framework-3.5.2.tar.bz2

    My internet connection was a bit slow or due to another problem, I got a little impatient of waiting for the download to complete and closed the terminal and tried to restart the process. However, I'm unable to do so, I get the following errors when i try to run the script:

    ./msf_installer_v3.sh: line 1: !DOCTYPE: No such file or directory
    ./msf_installer_v3.sh: line 2: html: No such file or directory
    ./msf_installer_v3.sh: line 3: head: No such file or directory
    ./msf_installer_v3.sh: line 4: meta: No such file or directory
    ./msf_installer_v3.sh: line 5: syntax error near unexpected token `<'
    ./msf_installer_v3.sh: line 5: title></title

    How do i restart the whole process from the beginning and avoid these errors?

    1. You're welcome brother :)

      you have to remove the script, and redownload it and execute again, then tell me if you're still having that problem.

      about framework it have 45,0MB, you can download that file from your PC and i can show you how to modify the script to work with it.

    2. I made a mistake there; the script was saving the file as "msf_installer_v3.sh.4". The "4" was the number which increased every time i restarted the download. I called the file again with the number and it ran perfect! Metasploit installation finished confirmation was shown after framework was downloaded and decompressed. And it runs perfect!

      Thank You so much Khalil Ounis.

      Anyway I can install SET (Social Engineering Toolkit) after this process?

    3. Glad to hear that :)

      Yes you can install SET on iDevice, i already have it on my iphone, just google for it.

      anything, you can ask ;)

      Good luck

    4. This comment has been removed by the author.

  11. I've googled and to prevent conflict with ruby versions, I didn't install ruby and just installed SET. But I accidentally installed it in /var/mobile. Will it run safe in this folder? and when i try to call set using ./set , it says:

    sh: ./set: /usr/bin/python: bad interpreter: No such file or directory.

    Could you please give me and the future readers a good and simple tutorial to install SET?
    Thank You :)

  12. I've installed SET and got it running and solved a lot of errors.. But there's one error I'm not able to fix..

    ./Set
    Option selected: 1
    Option selected: 2
    Option selected: 1
    Option selected: 2
    (Remote host IP address and website to clone are filled)
    Option selected: 2
    Option selected: 15
    Port: 443
    ...
    and after displaying a lot of stuff,.. it says:
    Handler failed to bind to 192.168.1.101:8081

    Please help me fix this error. Thanx in advance :)

  13. Everything worked, but it is stuck at "decompressing framework-3.5.3.tar.bz2..." PLEASE HELP! IT HAS BEEN LIKE THAT FOR 20 MINUTES!!!!
