With the recent Absinthe jailbreak, which opens up firmware 5.1.1 to Cydia, we once again tried to get Metasploit running on these iBabies. After a bit of fiddling around with various Ruby package versions, it seems that the following combination works well with the latest version of Metasploit, 4.4.0-dev (as of May 2012).

Of course, you need a jailbroken iPhone or iPad with apt, an OpenSSH server and an SSH client such as iSSH. Once you are SSH'ed into your iPhone / iPad, run the following commands:

# Install basic tools
apt-get update
apt-get dist-upgrade
apt-get install wget subversion

# Download correct version of ruby and dependencies
wget http://ininjas.com/repo/debs/ruby_1.9.2-p180-1-1_iphoneos-arm.deb
wget http://ininjas.com/repo/debs/iconv_1.14-1_iphoneos-arm.deb
wget http://ininjas.com/repo/debs/zlib_1.2.3-1_iphoneos-arm.deb

# Install them
dpkg -i iconv_1.14-1_iphoneos-arm.deb
dpkg -i zlib_1.2.3-1_iphoneos-arm.deb
dpkg -i ruby_1.9.2-p180-1-1_iphoneos-arm.deb

# Delete them
rm -rf *.deb

# Go into /private/var and svn checkout the msf trunk.
# Don't download the MSF tar.gz due to svn client versioning issues
cd /private/var
svn co https://www.metasploit.com/svn/framework3/trunk/ msf3
cd msf3/

# Check that Metasploit is running
ruby msfconsole
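One thing worth noticing about the sequence above: the three .deb files are fetched over plain HTTP from a third-party repo and then handed straight to dpkg, which installs them as root on the device. The following script is an added example (not part of the original post) that wraps the same steps so that every package is checked against a pinned SHA-256 before it is installed, and refuses to install on a mismatch. It assumes either sha256sum or openssl is available on the device (an assumption, neither is mentioned on this page), and the three hash values are deliberately left empty: this page does not give them, so you must fill them in from a copy of the packages you trust. With the values empty the script fails closed and installs nothing.

```sh
#!/bin/sh
# Added example, not the original post's commands: download, verify and
# install the iNinjas .deb files with a pinned SHA-256 per package.
# The REPO URL and package names come from the post above; the SHA-256
# values are NOT given on this page and must be filled in by hand (assumption).
# Left empty, verify_deb never matches, so nothing gets installed.

REPO="http://ininjas.com/repo/debs"
SHA_ICONV=""   # fill in: sha256 of iconv_1.14-1_iphoneos-arm.deb
SHA_ZLIB=""    # fill in: sha256 of zlib_1.2.3-1_iphoneos-arm.deb
SHA_RUBY=""    # fill in: sha256 of ruby_1.9.2-p180-1-1_iphoneos-arm.deb

# Print the SHA-256 of a file: use sha256sum (coreutils) where present,
# otherwise fall back to openssl (assumed to exist on the device).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        openssl dgst -sha256 "$1" | sed 's/^.* //'
    fi
}

# verify_deb FILE EXPECTED_SHA256
# Returns 0 when FILE hashes to EXPECTED_SHA256, 1 on any other outcome
# (missing file, hashing error, mismatch, or an empty expected value).
verify_deb() {
    [ -f "$1" ] || { echo "missing file: $1" >&2; return 1; }
    actual=$(sha256_of "$1") || return 1
    if [ -n "$2" ] && [ "$actual" = "$2" ]; then
        return 0
    fi
    echo "checksum mismatch for $1: got $actual, expected '$2'" >&2
    return 1
}

# fetch_verify_install NAME EXPECTED_SHA256
# Downloads NAME from $REPO, installs it only if the hash matches, and
# removes the .deb afterwards (the post's "rm -rf *.deb" step), whether or
# not it passed, so an unverified package is never left on disk.
fetch_verify_install() {
    wget -q "$REPO/$1" || { echo "download failed: $1" >&2; return 1; }
    if ! verify_deb "$1" "$2"; then
        rm -f "$1"
        return 1
    fi
    dpkg -i "$1" && rm -f "$1"
}

# The post's sequence, in the same order: iconv, zlib, then ruby,
# followed by the svn checkout of the framework trunk.
install_all() {
    apt-get update && apt-get dist-upgrade -y && apt-get install -y wget subversion || return 1
    fetch_verify_install iconv_1.14-1_iphoneos-arm.deb       "$SHA_ICONV" || return 1
    fetch_verify_install zlib_1.2.3-1_iphoneos-arm.deb       "$SHA_ZLIB"  || return 1
    fetch_verify_install ruby_1.9.2-p180-1-1_iphoneos-arm.deb "$SHA_RUBY"  || return 1
    cd /private/var || return 1
    svn co https://www.metasploit.com/svn/framework3/trunk/ msf3 || return 1
    cd msf3/ && ruby msfconsole
}

# Only touch the device when explicitly asked: sh install_msf.sh install
case "${1:-}" in
    install) install_all ;;
esac
```

Run it on the device as `sh install_msf.sh install` once the three hash values are filled in; without the argument it only defines the functions, which is also what makes it safe to source and test on a desktop first.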

As no blog post is complete without a reverse shell screenshot, here’s a popped shell from the iPhone: