The Hacker News

Security Expert from Coresec explains the use of a Permanent Reverse TCP Backdoor "sbd-1.36" for IPhone and IPad developed by Michel Blomgren.

Cybersecurity

sbd is a Netcat-clone, designed to be portable and offer strong encryption. It runs on Unix-like operating systems and on Microsoft Win32. sbd features AES-128-CBC + HMAC-SHA1 encryption (by Christophe Devine), program execution (-e option), choosing source port, continuous reconnection with delay, and some other nice features. Only TCP/IP communication is supported.

Steps to pwn the Iphone:
1. Install packages iphone-gcc using "apt-get install iphone-gcc" & make "apt-get install make"
2. Download sbd backdoor to the device using Wget from here & Untar - "tar -zxvf sbd-1.36.tar.gz"
3.) Sbd configuration before the compilation, See details here.
4.) Compilation process - "make darwin"
5. Configuration to RunAtLoad using LaunchDaemons (for permanent access)
6. Gaining access to victim (from Linux box)


Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.