[Andrew221]

Please tell me the repos I need for getting Metasploit ,that works.

[BooCocky]

just add my repo

boococky.hostei.com/cydia

install ruby and rubygems.  then run

mkdir /var/mobile/pentest/exploits
ln -s /var/mobile/pentest/exploits /


download this file:

http://updates.metas...k-3.5.2.tar.bz2

extract it, rename "msf3" to "framework3".  Move it to /pentest/exploits.


The metasploit in cydia is old, also depends on ruby 1.9.2 which is broken for iphone

[Brandon]

What does metasploit do?

[Ironman]

x Big BD x said:

What does metasploit do?

This is what it can do.  [emoji-E056]
metasploit is a framework developed in ruby by a guy named H.D. Moore who is a computer genius.  Its brilliant the way it was designed, includes near 700 exploits and all the payloads available.  Think about it like this. 


you have a house with a weak lock, that can be opened with more than one key.  The fact that you have a weak lock is called the vulnerability.  Now a robber is coming and he noticed that your house has a weak lock simply by scanning the neighborhood (network) and finding it.  He happens to have a set of keys,  that he knows will open your door.  The set of keys is called the "exploit".  Once the robber is inside there is many things he can do.  He can take a look around and leave,  he can steal (download) valuble information, or leave is own surveliance (spyware).  But whatever the attacker wants to do once he is inside is known as the "payload"

SET and Metasploit go great together because set comes with a wide variety of attack implementations like clonong fake webpages and injecting the exploit into the page using different techniques.  Then with dsniff or ettercap you can redirect all traffic on your router to your own webserver, which has malicious exploit and payload.
Give a nod to Boo for the explanation.

[Gavin]

What's the command to run SET?

[Ironman]

cd /pentest/exploits/SET
<return>
./set
<return>

[Brandon]

BooCøcky said:

just add my repo

boococky.hostei.com/cydia

install ruby and rubygems.  then run

mkdir /var/mobile/pentest/exploits
ln -s /var/mobile/pentest/exploits /


download this file:

http://updates.metas...k-3.5.2.tar.bz2

extract it, rename "msf3" to "framework3".  Move it to /pentest/exploits.


The metasploit in cydia is old, also depends on ruby 1.9.2 which is broken for iphone

i downloaded ruby and ruby gems and the file. And i also changed msf3 to framework3 and put it in that place. but now what do I do, and how do I run it in terminal

[LankAsif]

su
password
cd /var/mobile/pentest/exploits/framework3
./msfconsole

That should begin metasploit, but it takes a while to load.

[Brandon]

LankAsif said:

su
password
cd /var/mobile/pentest/exploits/framework3
./msfconsole

That should begin metasploit, but it takes a while to load.

what's the /var/mobile/...ect. Do I type that in terminal or go to ifile for that.  I'm a big noob to this

[BooCocky]

In terminal.  Metasploit is not for noobs.  You should watch these 3 videos first

http://www.securitytube.net/video/1175

http://www.securitytube.net/video/1176

http://www.securitytube.net/video/1181


Also learn basic linux commands.  You cant compromise a system if you do not understand how your own works.

[Brandon]

Okay thanks boo

[Ironman]

x Big BD x said:

Okay thanks boo

If you're new to this sort of thing. Read as much as you can. Inside of metasploit and SET (which you should also have) are manuals that you can get to from iFile. If you open them in iFile with iBooks they will transfer to your iBooks library. Then you can read them when you have some down time from the iBooks app.  I have all kinds of PDFs in my iBooks library from various sources about exploits and hack tools.

[LankAsif]

Ironman said:

If you're new to this sort of thing. Read as much as you can. Inside of metasploit and SET (which you should also have) are manuals that you can get to from iFile. If you open them in iFile with iBooks they will transfer to your iBooks library. Then you can read them when you have some down time from the iBooks app.  [emoji-E056]  I have all kinds of PDFs in my iBooks library from various sources about exploits and hack tools.

Ironman, just to clarify, you're referring to the files within the metasploit download right? They can be found within the framework3 directory? Not sure if x Big BD x knows that.
And x Big BD x, the
su
password
cd /var/mobile/pentest/exploits/framework3
./msfconsole
refers to lines you need to type and then hit return. Simply, you are logging in as root and then directing your terminal to the appropriate directory. And then executing metasploit. Hope that clears it up.
And listen to Boo and Ironman. I (being a noob) tried to jump into enjoying this amazing facility, but realised quickly that it isn't a "paint by colours" sort of thing. You  really need to do your homework. Ask any of these guys and they'll tell you I've been batteling my way through it for quiite a while now. REALLY research the availible threads on this forum and follow the adice offered whithin them. They are a great help. Remember that the experienced members of this forum don't mind helping someone who is keen, but if you are keen you'll be willing to make an effort and meet them half way. This forum is a valuble resource and will help you like nothing else (and incredibly, based on altruism). Hope you work out the metasploit thing and rather PM me with the beginner stuff and see if I can't help you, then approach th pros (not claiming to be advanced, but I've gone through many of the teething problems myself rather recently).
Good luck chap

[sami8007]

If you don't mind my asking, is there something specific you need metasploit for?

[Andrew221]

About ur repo, last time i tried to add but Curia dosent let me add.

[Ironman]

Andrew221 said:

About ur repo, last time i tried to add but Curia dosent let me add.

Boo's new repo is
boococky.hostei.com/cydia
Also add this repo
cydia.theworm.tw/

[Andrew221]

Cydia not curia

[Blibby]

This repo did not work for you?

http://boococky.hostei.com/cydia/

Try again now. It might have been down or acting up.

[Andrew221]

Cydia not curia

[Andrew221]

I tried to add boococky.hostei.com/cydia but it dosent let me it said did not find repository any help?