I don't have direct help to offer, but there was a presentation at DerbyCon last year on mobile malware. You can find a link to the video at www.derbycon.com if you're interested.
Smartphone exploitation
Hi all, I'm doing my thesis on mobile malware & botnets.
The goal of project is to find ways of gaining full control over a smartphone remotely and suggest countermeasures.
I've been experimenting with BeEF and hooking the browser on my iPhone - can do some cool stuff but it is not full control (plus the hook script is flushed out when you browse to a new domain!).
Ideally, i want to find a way of executing the Metasploit Meterpeter payload (osx/armle/meterpreter/reverse_tcp) on iPhone and/or android 4.2 handset but most of the resources I can find are about 'installing Metasploit on your iPhone' rather than using it to actually exploit it. I did come across Charlie Millers work where he exploited a flaw in the Apple app store code signing and got Meterpreter shell running - but this is not reproducible.
If you guys have any resources or suggestions (even if not involving Metasploit) please share! Thanks
Re: Smartphone exploitation
I don't have direct help to offer, but there was a presentation at DerbyCon last year on mobile malware. You can find a link to the video at www.derbycon.com if you're interested.
If I could figure out how to scuba dive & hack at the same time, there would be nothing I couldn't do...
Re: Smartphone exploitation
how about getting the source code of the exploits you want and try to experiment on it
Posting Permissions