Rip 'em Out!

Analysing a large size of PCAP is pain in the ass. So, why not we just split it into a multiple files. We can do that with editcap. In this example, we are splitting by packet per file. $ editcap -c 100000 in.pcapng out.pcapng

Installing IPA without using any fancy tools, in this case we just using scp and uicache command! To do it; 1. Extract IPA file with 7zip or using whatever archiver tool 2. CD into extracted folder 3. scp .app into your jailbroken device; scp -r iOS_App_File.app [email protected]:~ 4. ssh into jailbroken device, and move .app file folder into /Applications folder; ssh [email protected] su mv  iOS_App_File.app/ /Applications 5. Next we set our file to executable permission; cd /Applications chmod +x iOS_App_File.app 6. Final step, exit current ssh interpreter session, and run uicache command

Why dumpcap ? Because it is light and more importantly its CLI (Command Line Interface). With that we can leverage on and write some automated python, bash or related scripts to automated our work. In my case, I wanted to capture all the packets and dump it into separate file with size of 50MB and continuously capture for a certain time period e.g 9:00 till 17:00 (wherever you wanted to) $ dumpcap -i 1 -b filesize:10 -w demo.pcapng //Command above will dump all packets separately into 10kb size into filename of demo.pcapng P/S: -i = interface you wish to capture from (you might wanna run tshark with -D options first) Anyhow if you stuck, don't forget to read user manual. Cheers!

From my previous post, we already have done capturing all wireless probe network perimeters via Kismet. As for our reference and preliminary analysis purpose, all those information can be export into one single file (.kml) and using Google Earth application to browse and view. To do that we can use  giskismet  which is already installed on the Kali Linux distribution. Simply type this command: giskismet -x <FILE.netxml> -q "select * from wireless" -o output.kml Once the file is exported simply open it with Google Earth. Reference:  https://tools.kali.org/wireless-attacks/giskismet

While doing a iOS Security Testing, I wondered how do we convert .app into .ipa. So basically here are the structure of .ipa files. 1. First, SSH in your iPhone (Jailbroken). 2. Download the .app folder via scp  3. Copy the .app folder into a folder called Payload. 4. Compress it with .zip extension using any compression software. 5. Change the extension from file.zip to file.ipa. That’s it. Now you can use these .ipa files to install the app into your iPhone.