In this post we will see how to configure an iDevice for pen-testing iOS applications. The basic requirement is a jailbroken iDevice. To start, check which iOS version your device is running, then download the jailbreak (evasi0n, Redsn0w, PanGu, etc.) available for that version. Jailbreaking is not tricky; you just need the correct software for your iOS version. Connect your device to the computer and follow the instructions to jailbreak.
Your device will reboot after the jailbreak, and if the jailbreak was successful you will see the “Cydia” app installed on your device. Cydia is a repository for installing software that is unavailable on the App Store.
Now, we need to install other apps/tools that are required for the pentest.
1. Terminal [Cydia Store]
2. OpenSSH [Cydia Store]
3. syslogd [Cydia Store]
4. iFile [Cydia Store]
5. Python [Cydia Store]
6. BigBoss recommended tools [Cydia Store]
The next thing to do is to change your SSH password, because once OpenSSH is installed the device accepts logins over the network. You can find the IP of your iDevice by going to Settings –> Wi-Fi and then tapping the info button on the network you are connected to. By default, the password for both the ‘mobile’ and ‘root’ users is ‘alpine’.
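The password change and a follow-up check, as an added example that is not part of the original post: the comments list the commands to type, and the functions audit a copy of the device's `/etc/master.passwd` for accounts that still carry the default hash. The function names, the sample file and the `DEFAULT_HASH` value (the widely published crypt hash of ‘alpine’) are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post). Steps typed from the workstation:
#   ssh root@<device-ip>     # log in with the default password
#   passwd                   # set a new root password
#   passwd mobile            # set a new password for the 'mobile' user
#   ssh root@<device-ip> cat /etc/master.passwd > master.passwd.copy
# Then audit the copy:  sh this_script.sh master.passwd.copy

# Assumption: crypt(3) hash of 'alpine' as shipped in the stock master.passwd.
DEFAULT_HASH='/smx7MYTQIi2M'

# Print the login names in a master.passwd-format file ($1) whose
# password field still equals the default hash.
default_pw_accounts() {
    awk -F: -v h="$DEFAULT_HASH" '
        /^#/ || NF < 2 { next }      # skip comments and malformed lines
        $2 == h        { print $1 }  # field 2 is the password hash
    ' "$1"
}

# Write a constructed sample to $1: root changed, mobile still default.
make_sample() {
    cat > "$1" <<'EOF'
# constructed sample, not from a real device
nobody:*:-2:-2::0:0:Unprivileged User:/var/empty:/usr/bin/false
root:CONSTRUCTEDhash1:0:0::0:0:System Administrator:/var/root:/bin/sh
mobile:/smx7MYTQIi2M:501:501::0:0:Mobile User:/var/mobile:/bin/sh
EOF
}

# Return 0 if no account in $1 uses the default hash, 1 otherwise.
check_device_copy() {
    left=$(default_pw_accounts "$1")
    if [ -n "$left" ]; then
        echo "still default:" $left >&2
        return 1
    fi
    echo "no default passwords found"
}

# Audit the file named on the command line, if one was given.
if [ -n "${1:-}" ]; then
    check_device_copy "$1"
fi
```

Both accounts need their own `passwd` run; the check fails if either one is missed.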