Security Watch

Keeping Track of patches and hacks in the IT security world.

Metasploit 3 Adds iPhone Support to Hacking Arsenal

Metasploit 3 Adds Support for Hacking iPhone

HD Moore's Metasploit point-and-click hacking tool now has built-in support for breaking into Apple's iPhone devices.

Version 3.1 of the exploit development and attack framework shipped earlier today with full support for the Windows platform (including GUI), support for hacking into iPhones, more than 450 modules and about 265 remote exploits.

The iPhone support is built around Moore's well-chronicled "Hacking the iPhone" project.

[ ALSO SEE: Wi-Fi Exploits Coming to Metasploit ]

In a blog entry, Moore said Metasploit 3.1 also features the Windows kernel-land payload staging system developed by Matt Miller, the HeapLib browser exploitation library written by Alexander Sotirov and the Lorcon 802.11 raw transmit library created by Joshua Wright and Mike Kershaw.

He described the addition of a GUI as "a major step forward for Metasploit users on the Windows platform," noting that Metasploit 3 now provides a wizard-based exploitation system, a graphical file and process browser for the Meterpreter payloads, and a multitab console interface.

"The Metasploit GUI puts Windows users on the same footing as those running Unix by giving them access to a console interface to the framework," said Moore, who partnered with Fabrice Mourron on the GUI project.

Notable exploits in the 3.1 release include a remote, unpatched kernel-land exploit for Novell NetWare, a series of 802.11 fuzzing modules that can spray the local airspace with malformed frames, taking out a wide swath of wireless-enabled devices, and a battery of exploits targeted at Borland's InterBase product line.

Metasploit 3.1 runs on all modern operating systems, including Linux, Windows, Mac OS X and most flavors of BSD.