In the previous section, we created bind and reverse TCP shells for an iDevice, but that access does not survive a reboot of the device.
To keep a persistent connection with the iDevice, we can create a backdoor for it: a shell backdoor registered as a service that starts automatically with each boot of the device.
Follow these steps to create a backdoor for iOS:
1. Refer to the system's LaunchDaemons. We will need the SSH daemon that we used for OpenSSH, installed via Cydia.
2. Navigate to LaunchDaemons from Library, and you will observe a plist file as openssh.sshd.
3. Check the default specifications of the LaunchDaemon sshd service.
4. Now, download the file and edit the details, such as the service and port, as per the requirement.
5. Edit Label, Program, SockServiceName, and so on. We will use port number 5555 to bind our shell.
6. Now, copy this edited com.openssh.sshd.plist file to the system's Library folder.

Let's launch the backdoor...
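
The edits described in the steps above (Label, Program, SockServiceName) leave recognizable traces in the plist, so an audit of LaunchDaemons can flag them. The following Python check is an added example, not code from the original text; the shell list, the expected SSH service names, and both sample jobs are constructed assumptions.

```python
import plistlib

SHELLS = {"sh", "bash", "zsh", "dash", "ksh"}   # assumption: names treated as shells
SSH_SERVICES = {"ssh", "22"}                    # assumption: expected sshd listeners


def listeners(job):
    """Return every SockServiceName declared under the job's Sockets key."""
    found = []
    for spec in (job.get("Sockets") or {}).values():
        for entry in spec if isinstance(spec, list) else [spec]:
            if isinstance(entry, dict) and "SockServiceName" in entry:
                found.append(str(entry["SockServiceName"]))
    return found


def audit_job(filename, raw):
    """Audit one LaunchDaemon plist (bytes); return a list of finding strings."""
    job = plistlib.loads(raw)
    label = str(job.get("Label", ""))
    argv = job.get("ProgramArguments") or []
    program = str(job.get("Program") or (argv[0] if argv else ""))
    binary = program.rsplit("/", 1)[-1]
    services = listeners(job)
    findings = []
    # By convention the file is named <Label>.plist; an edited Label breaks that.
    if filename != label + ".plist":
        findings.append(f"label {label!r} does not match file name")
    # A job that opens a listening socket should not hand it to a shell.
    if services and binary in SHELLS:
        findings.append(f"socket-activated job runs a shell: {program}")
    # A job presented as sshd should only listen on the SSH service.
    if "sshd" in filename or "sshd" in label:
        for svc in services:
            if svc not in SSH_SERVICES:
                findings.append(f"sshd job listens on unexpected service {svc}")
    return findings


# Constructed sample jobs (not taken from a real device).
STOCK = plistlib.dumps({
    "Label": "com.openssh.sshd",
    "ProgramArguments": ["/usr/sbin/sshd", "-i"],
    "Sockets": {"Listeners": {"SockServiceName": "ssh"}},
})
EDITED = plistlib.dumps({
    "Label": "com.example.constructed",
    "Program": "/bin/sh",
    "Sockets": {"Listeners": {"SockServiceName": "5555"}},
})

if __name__ == "__main__":
    for name, raw in (("stock", STOCK), ("edited", EDITED)):
        print(name, audit_job("com.openssh.sshd.plist", raw))
```

Comparing each plist in LaunchDaemons against a known-good copy from the installed package gives a stronger signal than these heuristics alone.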