Hi,

I'm curious if anyone managed to port dSniff or similar tools to the iPhone.
Anyone here into mobile penetration-testing and using the iPhone?

Any help/link would be appreciated!

Thanks,
Bergheim

I've got a fully functional build of ettercap-ng 0.7.3 running on my iPhone (firmware 2.1).

It's even signed with ldid and runs perfectly. And, if that's not icing on the cake, it's got plug-in support, ncurses GUI support, and debug support.

I had to do a whole lot of ln -s trickery to get the support libraries to compile and install, and then some source modification of ettercap itself, and I'm not entirely certain what all I did. However, if someone could show me how to compile it in such a fashion that I can package it for Cydia, I'd be glad to go at it again, and share with the community!

it would be really awesome to have a fully functional program for iphone..
can you sniff packages with only the phone? i mean without any other computer in the process..some time ago i was reading here on the forum that iphone wifi chipset was not able to do things as packet injection or something like this

ettercap-ng is a network sniffer, and yes, I have succefuly ARP poisoned my home network, and even run a filter to swap all images going to my room mates computer with the laughing man .gif

im waiting ettercap from you backxslash every day
if the compiled verison you have running ok on the iphone please send it, it will be good to share ..

thanks

I've compiled ettercap-NG-0.7.3 with the iPhone toolchain... it needs libnet (patched with BYTE SWAP, fucking darwin....) and some other tweaks (configure script, libiconv etc. etc)..
I can poison clients arp cache and see theirs traffic in a switched LAN but ettercap will not show "live connections" and captured passwords...

@backXslash: have you had the same issue? how do you have resolved it?

hey guys,

i would love to see ettercap working on iPhone. It's a shame that you guys dont want to upload this!
here is dsniff. Also a usefull sniffer!

-->
Collin R. Mulliner

Have fun!

pcane

Hi, I'm trying to build EttercapNG 0.7.3 on my Iphone 3G fw 2.2.1, but when I try ./configure it gives me:

checking for library containing pthread_create... none required
checking whether gcc accepts -pthread... no
configure: WARNING: ***************************
configure: WARNING: * PTHREAD ARE REQUIRED !! *
configure: WARNING: ***************************

Then it doesn't proceed and exit. I really don't know what to do! Have anyone already have this issue? How did you solve it?

PS: This is "gcc -v" output:

Using built-in specs.
Target: arm-apple-darwin9
Configured with: ../llvm-gcc-4.2/configure --build=x86_64-unknown-linux-gnu --host=arm-apple-darwin9 --enable-static=no --enable-shared=yes --prefix=/usr --localstatedir=/var/cache/iphone-gcc --enable-languages=c,c++,objc,obj-c++ --enable-wchar_t=no --with-gxx-include-dir=/usr/include/c++/4.0.0
Thread model: posix
gcc version 4.2.1 (Based on Apple Inc. build 5555)


Thanks


################################################## #############################
Ok, sorry, solved it!
I've just edit the line number 28246 of the configure file giving "vim +28246 configure" and should appear a line like:

elif test "$OS" != "MACOSX" -a "$OS" != "WINDOWS"; then

I just changed MACOSX to DARWIN. Like

elif test "$OS" != "DARWIN" -a "$OS" != "WINDOWS"; then

Now it goes on but it says me "libnet >= 1.1.2.1 not found"... but.. I installed it from Cydia!
Have anyone already have this issue? How did you solve it?

################################################## #############################
Solved again! With a ln -s trick.
I've successfully configured EttercapNG 0.7.3 on my iphone:

ettercap has been configured as follow...

==================================================

Install directory: /usr/local


Libraries :

LIBPCAP ................ default
LIBNET ................. default
LIBSSL ................. NO
NCURSES ................ NO
GTK+ ................... NO

Functionalities :

Debug mode ............. no
Plugin support ......... no
Passive DNS ............ yes
Perl regex in filters .. no
Iconv UTF-8 support .... yes

==================================================

Now if i try "make" the output has several errors like

dissectors/ec_ymsg.c: In function 'dissector_ymsg':
dissectors/ec_ymsg.c:63: warning: pointer targets in passing argument 1 of 'memmem' differ in signedness
dissectors/ec_ymsg.c:145: warning: pointer targets in passing argument 1 of 'strlen' differ in signedness
dissectors/ec_ymsg.c:145: warning: pointer targets in passing argument 1 of 'strlen' differ in signedness
dissectors/ec_ymsg.c:145: warning: pointer targets in passing argument 1 of 'strlen' differ in signedness
dissectors/ec_ymsg.c:148: warning: pointer targets in passing argument 1 of 'sprintf' differ in signedness
dissectors/ec_ymsg.c:149: warning: pointer targets in passing argument 1 of 'strlen' differ in signedness
gcc -DHAVE_CONFIG_H -I. -I. -I../include -g -O2 -lz -lresolv -lpcap -lnet -liconv -c missing/memmem.c -o missing/memmem.o
gcc: -lz: linker input file unused because linking not done
gcc: -lresolv: linker input file unused because linking not done
gcc: -lpcap: linker input file unused because linking not done
gcc: -lnet: linker input file unused because linking not done
gcc: -liconv: linker input file unused because linking not done

and

/usr/bin/ld: Undefined symbols:
_libiconv
_libiconv_close
_libiconv_open
collect2: ld returned 1 exit status

It seems I haven't got iconv library, but I have it... Then I think I've a problem libtool or something else, maybe memmem which I think it is a library.
Oh, during configure process, it can't find libnet, which is installed!! I've also tryed to search libnet files' paths and specify them with "./configure --with-libnet=/path/to/libnet" but ... nothing! Can't found it!
Any suggestion?

backXslash ,, we are waiting u

111111 Good work but have you make it work??

please tell us

No I didn't managed to compile it and make it work, I've just been able to complete the "./configure" process..
backXslash CAN YOU HELP US please?

PS:
If anyone has this problem yet:

checking whether the C compiler works... configure: error: cannot run C compiled programs.
If you meant to cross compile, use `--host'.
See `config.log' for more details.

you have just to run this command from root:

sysctl -w security.mac.proc_enforce=0 security.mac.vnode_enforce=0

Remember that you should run it again every time you reboot your iPhone.