Tuesday, February 7, 2012

Metasploit and MySQL on iDevice [MSF Installer Script][db_autopwn]

Good evening, so finally i got db_autopwn working on my iphone 4S, and to make it easy for you, i made some updates to my script which it will install metasploit and mysql for you in few easy steps, first you need to install aptitude and wget from cydia, after that connect to your idevice via SSH, and start downloading script:

wget http://khalil_ounis.byethost4.com/msf_installer_v4.sh


Make it executable by:

chmod +x msf_installer_v4.sh


Executing the script

./msf_installer_v4.sh


and that's it, just reboot your idevice, and enjoy db_autopwn. and you can install mobileterminal from this tutorial.

NOTE:
* Do not update metasploit(svn update), because the new metasploit doesn't support mysql.



and this is script source:

#/bin/bash
# Author: Khalil Ounis
# Description: iDevice Metasploit Auto Installer Script Version 4
# Web Site: www.89geek.com

ROOT_UID=0
VARDIR=/private/var/
CURRDIR=`pwd`
E_NOERR=0
E_NODIR=1
E_CANTRESOLVE=4
E_NOTROOT=67
E_CMDNOTFOUND=127

clear

[ "$UID" != "$ROOT_UID" ] && {
echo "This script must be run as root";
exit $E_NOTROOT;
}

echo "Metasploit Installer Script V4 - By Khalil Ounis"
echo "For iDevices - www.89geek.com"
echo "Press any key to continue..."
read

echo -n "Removing some packages... "
aptitude -y remove ruby rubygems iconv mysql mysqltoggle &>/dev/null
[ $? -eq $E_CMDNOTFOUND ] && {
echo "aptitude not installed, use cydia to install it.";
echo "installation aborted.";
exit $E_CMDNOTFOUND;
}

echo "Done"

cd $VARDIR &> /dev/null
[ $? -eq $E_NODIR ] && {
echo "Can't access to $VARDIR, check your folder.";
exit $E_NODIR;
}

wget &>/dev/null
[ $? -eq $E_CMDNOTFOUND ] && {
echo "wget not installed. Installing wget";
aptitude -y wget &>/dev/null;
}


echo -n "Download lua_5.1.4-1_iphoneos-arm.deb... "
[ -f lua_5.1.4-1_iphoneos-arm.deb ] && rm lua_5.1.4-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/lua_5.1.4-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download libpcap_1.1.1-4-1_iphoneos-arm.deb... "
[ -f libpcap_1.1.1-4-1_iphoneos-arm.deb ] && rm libpcap_1.1.1-4-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/libpcap_1.1.1-4-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download nmap_5.51-2-1_iphoneos-arm.deb... "
[ -f nmap_5.51-2-1_iphoneos-arm.deb ] && rm nmap_5.51-2-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/nmap_5.51-2-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download iconv_1.14-1_iphoneos-arm.deb... "
[ -f iconv_1.14-1_iphoneos-arm.deb ] && rm iconv_1.14-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/iconv_1.14-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download zlib_1.2.3-1_iphoneos-arm.deb... "
[ -f zlib_1.2.3-1_iphoneos-arm.deb ] && rm zlib_1.2.3-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/zlib_1.2.3-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download ruby_1.9.2-p180-1-1_iphoneos-arm.deb... "
[ -f ruby_1.9.2-p180-1-1_iphoneos-arm.deb ] && rm ruby_1.9.2-p180-1-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/ruby_1.9.2-p180-1-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download mysql_5.0.83-4-1_iphoneos-arm.deb... "
[ -f mysql_5.0.83-4-1_iphoneos-arm.deb ] && rm mysql_5.0.83-4-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/mysql_5.0.83-4-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download mysqltoggle_1.0-1-1_iphoneos-arm.deb... "
[ -f mysqltoggle_1.0-1-1_iphoneos-arm.deb ] && rm mysqltoggle_1.0-1-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/mysqltoggle_1.0-1-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download framework-3.5.2.tar.bz2... "
[ -f framework-3.5.2.tar.bz2 ] && rm framework-3.5.2.tar.bz2 &>/dev/null
wget http://downloads.metasploit.com/data/releases/archive/framework-3.5.2.tar.bz2 &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access metasploit server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Installing inetutils... "
aptitude -y install inetutils &>/dev/null
[ $? -ne $E_NOERR ] && {
echo "Problem occured";
echo "installation aborted.";
exit $?;
}

echo "Done"

echo -n "Installing lua_5.1.4-1_iphoneos-arm.deb... "
dpkg -i lua_5.1.4-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Installing libpcap_1.1.1-4-1_iphoneos-arm.deb... "
dpkg -i libpcap_1.1.1-4-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Installing nmap_5.51-2-1_iphoneos-arm.deb... "
dpkg -i nmap_5.51-2-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Installing iconv_1.14-1_iphoneos-arm.deb... "
dpkg -i iconv_1.14-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Installing zlib_1.2.3-1_iphoneos-arm.deb... "
dpkg -i zlib_1.2.3-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Installing ruby_1.9.2-p180-1-1_iphoneos-arm.deb... "
dpkg -i ruby_1.9.2-p180-1-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Installing mysql_5.0.83-4-1_iphoneos-arm.deb and mysqltoggle_1.0-1-1_iphoneos-arm.deb... "
dpkg -i mysql* &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Decompressing framework-3.5.2.tar.bz2... "
tar -jxf framework-3.5.2.tar.bz2
[ $? -ne $E_NOERR ] && {
echo "Problem occurred while decompressing archive.";
echo "installation aborted";
exit 1;
}

echo "Done"

echo -n "Removing downlaoded files... "
rm framework-3.5.2.tar.bz2 ruby_1.9.2-p180-1-1_iphoneos-arm.deb iconv_1.14-1_iphoneos-arm.deb mysql_5.0.83-4-1_iphoneos-arm.deb mysqltoggle_1.0-1-1_iphoneos-arm.deb zlib_1.2.3-1_iphoneos-arm.deb libpcap_1.1.1-4-1_iphoneos-arm.deb nmap_5.51-2-1_iphoneos-arm.deb lua_5.1.4-1_iphoneos-arm.deb &>/dev/null
[ $? -ne $E_NOERR ] && echo "Can't remove downloaded files, step skipped!"
echo "Done"

echo -n "Creating Links... "
cd /bin
[ $? -eq $E_NODIR ] && {
echo "Can't access to bin directory";
echo "Failed";
} || {
ln -s /private/var/msf3/msfconsole ./msfconsole
ln -s /private/var/msf3/msfcli ./msfcli
echo "Done"
}

echo "Done... Metasploit Installed"
echo "Restart your iDevice."

cd $CURRDIR

exit 0


Good luck :)

UPDATE #1
Thanks to /root for making some updates to our script, you can use his script by downloading it from the above link:

wget http://khalil_ounis.byethost4.com/metasploit_installer_v4.2.sh


and this is the source code for this script:

# /bin/bash
# Author: Khalil Ounis
# Description: iDevice Metasploit Auto Installer Script Version 4.2
# Web Site: www.89geek.com / ihax4u.com
# For Kalil : I've realised why the framework didn't download, the link was broken... So I fixed that
# If I were you, I would add all the different framework versions for the users to choose from...
# Check out https://github.com/rapid7/metasploit-framework/wiki/Downloads-by-Version for links
# If you wanna contact me email @ andr920jhckrs@gmail.com

ROOT_UID=0
VARDIR=/private/var/
CURRDIR=`pwd`
E_NOERR=0
E_NODIR=1
E_CANTRESOLVE=4
E_NOTROOT=67
E_CMDNOTFOUND=127
E_NOTHING_CHOOSED=48
FW_V=0
MYSQL_DL=0

clear

[ "$UID" != "$ROOT_UID" ] && {
echo "This script must be run as root";
exit $E_NOTROOT;
}

echo "Metasploit Installer Script V4.2 - By Khalil Ounis and A.R"
echo "For iDevices - www.89geek.com"
echo "v4.2 -> updated by /root from ihax4u.com"
echo "Current version provides new choices to users : "
echo "2 versions of the Framework and MySQL is now an addon"
echo "I will be working on adding SET to this installer :)"
echo "As well as adding more frameworks to the list..."
echo "Press any key to continue..."
read

echo -n "Removing some packages... "
aptitude -y remove ruby rubygems iconv mysql mysqltoggle &>/dev/null
[ $? -eq $E_CMDNOTFOUND ] && {
echo "aptitude not installed, use cydia to install it.";
echo "installation aborted.";
exit $E_CMDNOTFOUND;
}

echo "Done"

cd $VARDIR &> /dev/null
[ $? -eq $E_NODIR ] && {
echo "Can't access to $VARDIR, check your folder.";
exit $E_NODIR;
}

wget &>/dev/null
[ $? -eq $E_CMDNOTFOUND ] && {
echo "wget not installed. Installing wget";
aptitude -y wget &>/dev/null;
}

echo -n "Download lua_5.1.4-1_iphoneos-arm.deb... "
[ -f lua_5.1.4-1_iphoneos-arm.deb ] && rm lua_5.1.4-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/lua_5.1.4-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download libpcap_1.1.1-4-1_iphoneos-arm.deb... "
[ -f libpcap_1.1.1-4-1_iphoneos-arm.deb ] && rm libpcap_1.1.1-4-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/libpcap_1.1.1-4-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download nmap_5.51-2-1_iphoneos-arm.deb... "
[ -f nmap_5.51-2-1_iphoneos-arm.deb ] && rm nmap_5.51-2-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/nmap_5.51-2-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download iconv_1.14-1_iphoneos-arm.deb... "
[ -f iconv_1.14-1_iphoneos-arm.deb ] && rm iconv_1.14-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/iconv_1.14-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download zlib_1.2.3-1_iphoneos-arm.deb... "
[ -f zlib_1.2.3-1_iphoneos-arm.deb ] && rm zlib_1.2.3-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/zlib_1.2.3-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download ruby_1.9.2-p180-1-1_iphoneos-arm.deb... "
[ -f ruby_1.9.2-p180-1-1_iphoneos-arm.deb ] && rm ruby_1.9.2-p180-1-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/ruby_1.9.2-p180-1-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

if (("$FW_V" != "1")) || (("$FW_V" != "2")); then
echo -n "Download framework-X.X.X.tar.bz2... which one -> 3.5.2 (1)"
echo " or"
echo " latest but no mySQL support 4.3.0 (2)"
read FW_V

if [ $FW_V == "1" ]; then
[ -f framework-3.5.2.tar.bz2 ] && rm framework-3.5.2.tar.bz2 &>/dev/null
wget http://downloads.metasploit.com/data/releases/archive/framework-3.5.2.tar.bz2 &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

elif [ $FW_V == "2" ]; then
[ -f framework-4.3.0.tar.bz2 ] && rm framework-4.3.0.tar.bz2 &>/dev/null
wget http://downloads.metasploit.com/data/releases/archive/framework-4.3.0.tar.bz2 &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}
else
echo "ERROR 48, nothing usable has been chosen by user"
echo "installation aborted"
exit $E_NOTHING_CHOOSED
fi
fi

echo "Done"

echo -n "Installing inetutils... "
aptitude -y install inetutils &>/dev/null
[ $? -ne $E_NOERR ] && {
echo "Problem occured";
echo "installation aborted.";
exit $?;
}

echo "Done"

echo -n "Istalling lua_5.1.4-1_iphoneos-arm.deb... "
dpkg -i lua_5.1.4-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Istalling libpcap_1.1.1-4-1_iphoneos-arm.deb... "
dpkg -i libpcap_1.1.1-4-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Istalling nmap_5.51-2-1_iphoneos-arm.deb... "
dpkg -i nmap_5.51-2-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Istalling iconv_1.14-1_iphoneos-arm.deb... "
dpkg -i iconv_1.14-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Istalling zlib_1.2.3-1_iphoneos-arm.deb... "
dpkg -i zlib_1.2.3-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Istalling ruby_1.9.2-p180-1-1_iphoneos-arm.deb... "
dpkg -i ruby_1.9.2-p180-1-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

if (("$MYSQL_DL" != "1")) || (("$MYSQL_DL" != "2")); then
echo -n "DO YOU WANT TO INSTALL MySQL WITH IT'S SBStoogle?"
echo " YES (1) *if you have SBS and want v3.5.2* "
echo " NO (2) *IF no SBS or don't want it "
read MYSQL_DL

if [ $MYSQL_DL == "1" ]; then
echo -n "Download mysql_5.0.83-4-1_iphoneos-arm.deb... "
[ -f mysql_5.0.83-4-1_iphoneos-arm.deb ] && rm mysql_5.0.83-4-1_iphoneos-arm.deb &>/dev/null
wget http://ininjas.com/repo/debs/mysql_5.0.83-4-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download mysqltoggle_1.0-1-1_iphoneos-arm.deb... "
[ -f mysqltoggle_1.0-1-1_iphoneos-arm.deb ] && rm mysqltoggle_1.0-1-1_iphoneos-arm.deb &>/dev/null
wget http://ininjas.com/repo/debs/mysqltoggle_1.0-1-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Istalling mysql_5.0.83-4-1_iphoneos-arm.deb and mysqltoggle_1.0-1-1_iphoneos-arm.deb... "
dpkg -i mysql* &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

elif [ $MYSQL_DL == "2" ]; then
echo "You've decided not to install MySQL and it's SBStoogle"
else
echo "ERROR 48, nothing usable has been chosen by user"
echo "installation aborted"
exit $E_NOTHING_CHOOSED
fi
fi

if [ $FW_V == "1" ]; then
echo -n "Decompressing framework-3.5.2.tar.bz2... "
tar -jxf framework-3.5.2.tar.bz2

elif [ $FW_V == "2" ]; then
echo -n "Decompressing framework-4.3.0.tar.bz2... "
tar -jxf framework-4.3.0.tar.bz2
else
echo "ERROR"
fi
fi

[ $? -ne $E_NOERR ] && {
echo "Problem occurred while decompressing archive.";
echo "installation aborted";
exit 1;
}

echo "Done"

echo -n "Removing downloded files..."
cd $VARDIR &> /dev/null
rm framework-3.5.2.tar.bz2 framework-4.3.0.tar.bz2 ruby_1.9.2-p180-1-1_iphoneos-arm.deb iconv_1.14-1_iphoneos-arm.deb mysql_5.0.83-4-1_iphoneos-arm.deb mysqltoggle_1.0-1-1_iphoneos-arm.deb zlib_1.2.3-1_iphoneos-arm.deb libpcap_1.1.1-4-1_iphoneos-arm.deb nmap_5.51-2-1_iphoneos-arm.deb lua_5.1.4-1_iphoneos-arm.deb &>/dev/null
[ $? -ne $E_NOERR ] && echo "Can't remove downloaded files, step skipped!"
echo "Use iFile to manually delete the install packages in /private/var"
echo "Done"

echo -n "Creating Links... "
cd /bin
[ $? -eq $E_NODIR ] && {
echo "Can't access to bin directory";
echo "Failed";
} || {
ln -s /private/var/msf3/msfconsole ./msfconsole
ln -s /private/var/msf3/msfcli ./msfcli
echo "Done"
}

echo "Done... Metasploit Installed"
echo "Restart your iDevice."
echo -n " "
echo -n " "
echo -n " "
echo -n "If you had any errors with this custom updated script"
echo -n "contact me (/root). at andr920jhckrs@gmail.com"
echo -n " Or add my twitter -> root920 "
echo -n "Reboot your iDevice no now"
cd $CURRDIR

exit 0


UPDATE #2
A new version 4.4 by A.R (/root), Change Log:
*New MSF download link
*Choice between MSF v3.5.2 and v4.3.0
*MySQL is now an add-on
*Social Engineering Kit AutoInstaller v1.1

wget http://khalil_ounis.byethost4.com/metasploit_installer_v4.4.sh


and this is the source code for this script:

#/bin/bash
# Author: Khalil Ounis
# Description: iDevice Metasploit Auto Installer Script Version 4.4
# Web Site: www.89geek.com / ihax4u.com
# For Kalil : I've realised why the framework didn't download, the link was broken... So I fixed that
#If I were you, I would add all the different framework versions for the users to choose from...
#Check out https://github.com/rapid7/metasploit-framework/wiki/Downloads-by-Version for links
#If you wanna contact me email @ andr920jhckrs@gmail.com

ROOT_UID=0
VARDIR=/private/var/
CURRDIR=`pwd`
E_NOERR=0
E_NODIR=1
E_CANTRESOLVE=4
E_NOTROOT=67
E_CMDNOTFOUND=127
E_NOTHING_CHOOSED=48
FW_V=0
MYSQL_DL=0
SET_DL=0

clear

[ "$UID" != "$ROOT_UID" ] && {
echo "This script must be run as root";
exit $E_NOTROOT;
}

echo "Metasploit Installer Script V4.4 - By Khalil Ounis and A.R (/root)"
echo "For iDevices - www.89geek.com"
echo "v4.4 -> updated by /root from ihax4u.com"

echo " "
echo "By using this installer you agreed that I cannot be held responsible for any damage you cause to yourself"\
"or other while using the program that will be installed. Have Fun!"
echo "Press any key to continue..."
read
echo " "

echo "Change Log"
echo "v4.1 *FIX* New MSF download link"
echo " *NEW* Choice between MSF v3.5.2 and v4.3.0"
echo "v4.2 *NEW* MySQL is now an add-on"
echo "v4.3 *FIX* Cleaned up some of my stupid echo errors (-n)"
echo "v4.4 *NEW* Social Engineering Kit AutoInstaller v1.1"
echo "Press any key to continue..."
read
clear

echo -n "Removing some packages... "
aptitude -y remove ruby rubygems iconv mysql mysqltoggle subversion pyobjc &>/dev/null
[ $? -eq $E_CMDNOTFOUND ] && {
echo "aptitude not installed, use cydia to install it.";
echo "installation aborted.";
exit $E_CMDNOTFOUND;
}

echo "Done"

cd $VARDIR &> /dev/null
[ $? -eq $E_NODIR ] && {
echo "Can't access to $VARDIR, check your folder.";
exit $E_NODIR;
}

wget &>/dev/null
[ $? -eq $E_CMDNOTFOUND ] && {
echo "wget not installed. Installing wget";
aptitude -y wget &>/dev/null;
}

echo -n "Download lua_5.1.4-1_iphoneos-arm.deb... "
[ -f lua_5.1.4-1_iphoneos-arm.deb ] && rm lua_5.1.4-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/lua_5.1.4-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download libpcap_1.1.1-4-1_iphoneos-arm.deb... "
[ -f libpcap_1.1.1-4-1_iphoneos-arm.deb ] && rm libpcap_1.1.1-4-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/libpcap_1.1.1-4-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download nmap_5.51-2-1_iphoneos-arm.deb... "
[ -f nmap_5.51-2-1_iphoneos-arm.deb ] && rm nmap_5.51-2-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/nmap_5.51-2-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download iconv_1.14-1_iphoneos-arm.deb... "
[ -f iconv_1.14-1_iphoneos-arm.deb ] && rm iconv_1.14-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/iconv_1.14-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download zlib_1.2.3-1_iphoneos-arm.deb... "
[ -f zlib_1.2.3-1_iphoneos-arm.deb ] && rm zlib_1.2.3-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/zlib_1.2.3-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download ruby_1.9.2-p180-1-1_iphoneos-arm.deb... "
[ -f ruby_1.9.2-p180-1-1_iphoneos-arm.deb ] && rm ruby_1.9.2-p180-1-1_iphoneos-arm.deb &>/dev/null

wget http://ininjas.com/repo/debs/ruby_1.9.2-p180-1-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

if (("$FW_V" != "1")) || (("$FW_V" != "2")); then
echo -n "Download framework-X.X.X.tar.bz2... which one -> 3.5.2 (1)"
echo " or"
echo " latest but no mySQL support 4.3.0 (2)"
read FW_V

if [ $FW_V == "1" ]; then
[ -f framework-3.5.2.tar.bz2 ] && rm framework-3.5.2.tar.bz2 &>/dev/null
wget http://downloads.metasploit.com/data/releases/archive/framework-3.5.2.tar.bz2 &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

elif [ $FW_V == "2" ]; then
[ -f framework-4.3.0.tar.bz2 ] && rm framework-4.3.0.tar.bz2 &>/dev/null
wget http://downloads.metasploit.com/data/releases/archive/framework-4.3.0.tar.bz2 &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}
else
echo "ERROR 48, nothing usable has been chosen by user"
echo "installation aborted"
exit $E_NOTHING_CHOOSED
fi
fi

echo "Done"

echo -n "Installing inetutils... "
aptitude -y install inetutils &>/dev/null
[ $? -ne $E_NOERR ] && {
echo "Problem occured";
echo "installation aborted.";
exit $?;
}

echo "Done"

echo -n "Istalling lua_5.1.4-1_iphoneos-arm.deb... "
dpkg -i lua_5.1.4-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Istalling libpcap_1.1.1-4-1_iphoneos-arm.deb... "
dpkg -i libpcap_1.1.1-4-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Istalling nmap_5.51-2-1_iphoneos-arm.deb... "
dpkg -i nmap_5.51-2-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Istalling iconv_1.14-1_iphoneos-arm.deb... "
dpkg -i iconv_1.14-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Istalling zlib_1.2.3-1_iphoneos-arm.deb... "
dpkg -i zlib_1.2.3-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

echo -n "Istalling ruby_1.9.2-p180-1-1_iphoneos-arm.deb... "
dpkg -i ruby_1.9.2-p180-1-1_iphoneos-arm.deb &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

if (("$MYSQL_DL" != "1")) || (("$MYSQL_DL" != "2")); then
echo "DO YOU WANT TO INSTALL MySQL WITH IT'S SBStoogle?"
echo " YES (1) *if you have SBS and want v3.5.2* "
echo " NO (2) *IF no SBS or don't want it "
read MYSQL_DL

if [ $MYSQL_DL == "1" ]; then
echo -n "Download mysql_5.0.83-4-1_iphoneos-arm.deb... "
[ -f mysql_5.0.83-4-1_iphoneos-arm.deb ] && rm mysql_5.0.83-4-1_iphoneos-arm.deb &>/dev/null
wget http://ininjas.com/repo/debs/mysql_5.0.83-4-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Download mysqltoggle_1.0-1-1_iphoneos-arm.deb... "
[ -f mysqltoggle_1.0-1-1_iphoneos-arm.deb ] && rm mysqltoggle_1.0-1-1_iphoneos-arm.deb &>/dev/null
wget http://ininjas.com/repo/debs/mysqltoggle_1.0-1-1_iphoneos-arm.deb &>/dev/null

[ $? -eq $E_CANTRESOLVE ] && {
echo "Can't access ininjas server, check your connection.";
echo "installation aborted";
exit $E_CANTRESOLVE;
}

echo "Done"

echo -n "Istalling mysql_5.0.83-4-1_iphoneos-arm.deb and mysqltoggle_1.0-1-1_iphoneos-arm.deb... "
dpkg -i mysql* &>/dev/null

[ $? -ne $E_NOERR ] && {
echo "Problem occurred, installation aborted";
exit $?;
}

echo "Done"

elif [ $MYSQL_DL == "2" ]; then
echo "You've decided not to install MySQL and it's SBStoogle"
else
echo "ERROR 48, nothing usable has been chosen by user"
echo "installation aborted"
exit $E_NOTHING_CHOOSED
fi
fi

if [ $FW_V == "1" ]; then
echo -n "Decompressing framework-3.5.2.tar.bz2... "
tar -jxf framework-3.5.2.tar.bz2

elif [ $FW_V == "2" ]; then
echo -n "Decompressing framework-4.3.0.tar.bz2... "
tar -jxf framework-4.3.0.tar.bz2
else
echo "ERROR, none of the packages exist"
echo "installation aborted";
exit 1;
fi

[ $? -ne $E_NOERR ] && {
echo "Problem occurred while decompressing archive.";
echo "installation aborted";
exit 1;
}

echo "Done"

echo -n "Removing downloded files..."
cd $VARDIR &> /dev/null
rm framework-3.5.2.tar.bz2 framework-4.3.0.tar.bz2 ruby_1.9.2-p180-1-1_iphoneos-arm.deb iconv_1.14-1_iphoneos-arm.deb mysql_5.0.83-4-1_iphoneos-arm.deb mysqltoggle_1.0-1-1_iphoneos-arm.deb zlib_1.2.3-1_iphoneos-arm.deb libpcap_1.1.1-4-1_iphoneos-arm.deb nmap_5.51-2-1_iphoneos-arm.deb lua_5.1.4-1_iphoneos-arm.deb &>/dev/null
[ $? -ne $E_NOERR ] && echo "Can't remove downloaded files, step skipped!"
echo "Use iFile to manually delete the install packages in /private/var"
echo "Done"

echo -n "Creating Links... "
cd /bin
[ $? -eq $E_NODIR ] && {
echo "Can't access to bin directory";
echo "Failed";
} || {
ln -s /private/var/msf3/msfconsole ./msfconsole
ln -s /private/var/msf3/msfcli ./msfcli
echo "Done"
}

echo "Done... Metasploit Installed"
echo " "
echo " "
echo " "

if (("$SET_DL" != "1")) || (("$SET_DL" != "2")); then
echo "Would you like to install Social Engineering Kit?"
echo " [yes(1)/no(2)] "
read SET_DL

if [ $SET_DL == "1" ]; then
echo "Social Engineering Toolkit AutoInstaller v1.1"
echo "Made by /root from ihax4u.com"

echo "Change Log"
echo "v1.1 *FIX* Fixed my echo mistakes..."
echo " *NEW* Failsafe added"
echo -n "Press any key to continue...".
read
clear

echo "Checking Dependencies....."
echo " "
echo -n "Installing PyObjC..."
aptitude install PyObjC &>/dev/null
echo " Done"
echo -n "Installing Subversion..."
aptitude install subversion &>/dev/null
echo " Done"
cd $VARDIR &> /dev/null
echo -n "installing Social Engineering Kit..."
svn co http://svn.secmaniac.com/social_engineering_toolkit set/ &>/dev/null
echo " Done"
echo "You must open set_config and change the path to metasploit to /private/var/msf3"
elif [ $SET_DL == "2" ]; then
echo "You've decided not to download SET"
else
echo "ERROR 48, nothing usable has been chosen by user"
echo "installation aborted"
exit $E_NOTHING_CHOOSED
fi
fi

echo "If you had any errors with this custom updated script"
echo "contact me (/root). at andr920jhckrs@gmail.com"
echo " Or add my twitter -> root920 "
echo "Metasploit successfully installed!"
echo "Reboot your iDevice now"
cd $CURRDIR

exit 0

47 comments :

  1. It gives me a problem occured error message during the ruby 1.9.2 install. I am a Iphone 4s running 5.01.

    ReplyDelete
    Replies
    1. Try to install ruby manually by:

      dpkg -i ruby_1.9.2-p180-1-1_iphoneos-arm.deb

      and make sure that that file is exist, then print the error you get

      Delete
  2. Ruby depends on zlib; zlib not installed

    ReplyDelete
    Replies
    1. Sorry for that,i fixed it... Just re-download the script and execute it

      Delete
  3. Thanks for fixing that error, I a now receiving a error on the mysql install. mysql depends on inetutils,however inetutils is not installed.
    mysql depends on mysqltoggle;however mysqltoggle is not configured yet.

    Let me know what you think
    Thanks

    ReplyDelete
    Replies
    1. I have made some changes to the script now, i tested it and now it should work. re-download and execute, and let me know if you still having problems(or if it works)

      Delete
  4. Hi,

    When I try to execute the script now it says
    line:1 syntax error near unexpected token '<'
    line:1 "HTML CODE"
    Will not let me enter the HTML code on this line in the post.

    Thanks

    ReplyDelete
  5. hi tim,

    weird! you get that when you try to execute html as shell script!
    try again by removing script:

    rm msf_*

    and re-download it. if you still having that error, tell me what you get when you type this

    cat msf_installer_v4.sh

    ReplyDelete
  6. Ok, That gets it to run. The script is installing inetutils but has been stuck there for about 20 minutes. Is that normal?

    Sorry for all the issues
    Tim

    ReplyDelete
  7. No, that's not normal, its only have 200KB, install it manually:

    aptitude -y install inetutils

    and re-execute script, and return back :)

    ReplyDelete
  8. I think I see the issue, it never downloads inetutils. I do not see it in your script above. Is that something that should be already on there?

    Tim

    ReplyDelete
    Replies
    1. it's on the line 127, i don't understand why doesn't work for you, what did you get when you tried to install it manually?

      Delete
  9. I downloaded inetutils from cydia and installed it and it skipped that step. Everything installed now except the dynamic links. It says 'failed to create dynamic link, file exists'

    Thanks for all your help
    Tim

    ReplyDelete
    Replies
    1. So that's it, don't worry about links, that are already created so it not a problem, now you should have mysql and metasploit on your iphone, reboot your iphone and test metasploit

      Delete
  10. after i tried the installation on iPhone4

    Before you start,install from Cydia mobileterminal, wget, Aptitude & Nmap

    If you update Metasploit (svn update) you will loos db_autopwn

    ReplyDelete
    Replies
    1. thanks for the heads-up, i updated it. because i already have nmap installed in my iphone, i forgot to add it to script. and for wget, script will install it, all you need is aptitude.

      Delete
    2. to download the link to the phone you need wget ;) .. if you can reverse your script to letit download aptitude while still needs wget from cydia at the start.

      Delete
    3. Thank you again :) i always use ftp client to upload script(in case someone else did the same) that's why i add a check line for wget. You are right, before anyone start using script he must install aptitude and wget.

      Best Regards

      Delete
    4. am glad for being of any help :) ... now let us try to find out a solution that keeps db_autopwn config after updating via (svn update)

      Delete
    5. I will try with it, and please let me know if you found a solution.
      Keep in touch!

      Delete
  11. salam n thanks a lot khalil for the script.made my life easir.:) hopefully next release can be updated:)

    ReplyDelete
    Replies
    1. salam brother :) your welcome, i will try to make updates :)
      Good luck!

      Delete
  12. congradulations for the script!
    after long trying a lot of methods, this script-method worked and now I'm using the MSF

    ReplyDelete
  13. I've taken the liberty to rewrite some of your script simply because it would not work. I'd rather have metasploit alone that not have it at all due to mysql. 1. MySQLtoogle wouldn't install because i didnt have sbs (which i don't wanna have) 2. MySQL wouldn't install without the toogle. I choose to not use it.... Then 3. the framework didn't decompress for some reason. I figured out that the url you put was being redirected but after that -> error 404...... So I've looked online for a live link. That's pretty much what I changed, a choice for MySQL and added metasploit v4.3.0. Here's a link to the file on my DB, to get from terminal :

    wget http://db.tt/ASYBEnel

    I'd post the source but the site wont let me

    ReplyDelete
    Replies
    1. Hi /root,

      metasploit has been changed the link for my version, i fixed it now and i added your custom script, thank you!

      Delete
  14. Hey Khalil, you think the script can be modified to work with Android??? Because I have my phone around more than my iPod... Let's say I change the locations for the install, but how would I fulfill the requirement of metasploit on android, it's not like I can use apt-get or anything...

    ReplyDelete
    Replies
    1. i didnt try anything yet on android OS, but i will try this summer, i don't if anyone has make metasploit work on android, did you heard anything?

      Delete
    2. Thx for fixing your script, I'll try to find a working link to SET as it is a powerful addition, might also add SBSettings install as it is a dependency of the mySQL Toogle, and it's what cause my first issue with your script ;). I've seen a video about metasploit on android but you needed to flash the rom and I didn't feel like loosing everything. I'll keep looking, tell me if you find anything.

      Delete
    3. than you /root, we will keep in touch. i try to update my script for SET, as you said it's really a powerfil addition, and about android i will leave it to summer (time problem :/) Next month i will post a new script that works with arpspoof, dnspoof and lighttpd with some fake pages to capture network passwords. Good luck

      Delete
  15. I've done some more upgrades, I'd be happy if you start using my script as the main one :), also there might be a couple of mistakes here and there throughout the modifications I've made and I'd appreciate if you could find and fix them as I am relatively new at this,I learned bash scripting just to make your script work.
    So this is version 4.4 and I've added a SET installer to the script.

    For people who already have metasploit and don't wanna reinstall, here's a standalone SET installer : wget http://db.tt/nljm5yfl
    Here's the new version of MSF script (v4.4): wget http://db.tt/SVeYnqrC

    It has a changelog and somewhat of a disclaimer as well as the SET installer.
    Won't have enough room to post the sources, so could you copy paste it from both my files and maybe add to your site?
    I'll look for some more add-ons, peace out.

    ReplyDelete
    Replies
    1. Well done! :) perfect! thank you /root, yeah i have fixed some of mistakes but i still didn't tested it yet(could you test it?), i've post your script and uploaded it, you can check it from this link: http://khalil_ounis.byethost4.com/metasploit_installer_v4.4.sh

      Thank you "/root"

      Good luck!

      Delete
    2. Hey first thank you for this awsome script but everytime i update via svn update, i get some
      problems. i think because ruby....

      Delete
    3. Your welcome :) we need to know which errors you got

      Delete
  16. This is the error...
    ./msfconsole
    /private/var/msf3/lib/fastlib.rb:368:in `fastlib_original_require': no such file to load -- securerandom (LoadError)
    from /private/var/msf3/lib/fastlib.rb:368:in `require'
    from /private/var/msf3/lib/gemcache/ruby/1.9.1/gems/activesupport-3.2.2/lib/active_support.rb:24
    from /private/var/msf3/lib/fastlib.rb:368:in `fastlib_original_require'
    from /private/var/msf3/lib/fastlib.rb:368:in `require'
    from /private/var/msf3/lib/gemcache/ruby/1.9.1/gems/activerecord-3.2.2/lib/active_record.rb:24
    from /private/var/msf3/lib/fastlib.rb:368:in `fastlib_original_require'
    from /private/var/msf3/lib/fastlib.rb:368:in `require'
    from /private/var/msf3/lib/msf/core/db_manager.rb:1
    ... 14 levels...
    from /private/var/msf3/lib/msf/ui.rb:10
    from /private/var/msf3/lib/fastlib.rb:368:in `fastlib_original_require'
    from /private/var/msf3/lib/fastlib.rb:368:in `require'
    from ./msfconsole:128

    ReplyDelete
    Replies
    1. You are using ruby 1.9.1, try to install ruby_1.9.2 and see what happen

      Delete
  17. I need help:

    Removing some packages... Done
    Download lua_5.1.4-1_iphoneos-arm.deb... Done
    Download libpcap_1.1.1-4-1_iphoneos-arm.deb... Done
    Download nmap_5.51-2-1_iphoneos-arm.deb... Done
    Download iconv_1.14-1_iphoneos-arm.deb... Done
    Download zlib_1.2.3-1_iphoneos-arm.deb... Done
    Download ruby_1.9.2-p180-1-1_iphoneos-arm.deb... Done
    Download framework-X.X.X.tar.bz2... which one -> 3.5.2 (1) or
    latest but no mySQL support 4.3.0 (2)

    ReplyDelete
    Replies
    1. i didn't test /root version, but here you have to choose, press 1 if you want 3.5.2 version, or press 2 if you want 4.3.0 version then hit enter.

      Good luck

      Delete
    2. thanks Khalil Ounis!

      Delete
  18. With the original script version that comes with mysql, when I run ./msfconsole should the database already be connected? when I run db_status I get MySQL driver selected but no database.

    if it is not already connected, how do I create the metasploit database and connect to it, then have it connect every time. Thanks guys, this is really awesome btw.

    ReplyDelete
  19. Faild to run svn....what can i do?;-)
    thank you!

    ReplyDelete
  20. This comment has been removed by the author.

    ReplyDelete
  21. The iNinjas site was down for me, so I mirrored the Metasploit files here - http://www.guidoz.com/repo/debs/

    The v4.4 shell script is also there, unmodified, for good measure. Please let me know if you'd like it removed. Thanks!

    --
    Peace. ~G

    ReplyDelete
  22. @GuidoZ nice, that backup is really useful ~michaelmruta

    ReplyDelete
  23. hey khalil plz can you explain me how to install SET toolkit on my iphone 4s and should i have msf to install it . thank you

    ReplyDelete
  24. hi gc0d3r, sry for my bad english, I'm installing on iphone 5 this and when I'm running ruby msfconsole, appear a error like this : illegal instruction 4, or if I upgrade ruby appear another error.Thank you very much if you answer me.If you make a tutorial how to install to an iphone 5 ios 7.0.4, I will very happy to see.

    ReplyDelete