What is Pirni?

Pirni is an application that was ported to the iPod Touch/iPhone to be used as a native network sniffer. Pirni is useful because it works around a limitation of the iPod Touch’s/iPhone’s wifi hardware: it cannot be set into promiscuous mode (a mode that allows a network device to intercept and read, in its entirety, each network packet that arrives). To get past this limitation Pirni comes with an ARP spoofer that routes all the network traffic through your iPod Touch/iPhone, records it to a dump file and then uses packet forwarding to send it on to its normal recipient (i.e. the router). In simpler terms, all the traffic on a specific network passes through your iPod Touch/iPhone before it reaches the router. This means that if we sniff the network long enough, another user connected to the network could enter an unencrypted password, and you could then retrieve that password by looking through your dump file.
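The ARP spoofing described above is visible to a defender on the same network, because a second MAC address starts answering for the router's IP. The following is an added example, not part of the original tutorial or of Pirni: it parses raw Ethernet frames and reports any IP address claimed by more than one MAC in ARP replies. The function names, MAC addresses and frames are constructed for illustration.

```python
import socket
import struct
from collections import defaultdict

ETH_ARP = 0x0806  # EtherType for ARP

def parse_arp(frame):
    """Return (opcode, sender_mac, sender_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETH_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return op, frame[22:28].hex(":"), socket.inet_ntoa(frame[28:32])

def find_arp_conflicts(frames):
    """Collect the MACs that claim each IP in ARP replies; keep IPs with more than one."""
    claims = defaultdict(set)
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed and parsed[0] == 2:  # opcode 2 = ARP reply
            claims[parsed[2]].add(parsed[1])
    return {ip: sorted(macs) for ip, macs in claims.items() if len(macs) > 1}

def build_arp_reply(sender_mac, sender_ip, target_mac, target_ip):
    """Build an in-memory ARP reply frame, used only as sample input below."""
    smac = bytes.fromhex(sender_mac.replace(":", ""))
    tmac = bytes.fromhex(target_mac.replace(":", ""))
    eth = tmac + smac + struct.pack("!H", ETH_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2)
    arp += smac + socket.inet_aton(sender_ip) + tmac + socket.inet_aton(target_ip)
    return eth + arp

# Constructed sample traffic: the router and a client answer for their own IPs,
# then a third MAC also claims the router's IP (the spoofing symptom).
ROUTER_MAC = "00:11:22:33:44:55"
CLIENT_MAC = "66:77:88:99:aa:bb"
OTHER_MAC = "de:ad:be:ef:00:01"
SAMPLE_FRAMES = [
    build_arp_reply(ROUTER_MAC, "192.168.1.1", CLIENT_MAC, "192.168.1.189"),
    build_arp_reply(CLIENT_MAC, "192.168.1.189", ROUTER_MAC, "192.168.1.1"),
    build_arp_reply(OTHER_MAC, "192.168.1.1", CLIENT_MAC, "192.168.1.189"),
]

if __name__ == "__main__":
    for ip, macs in find_arp_conflicts(SAMPLE_FRAMES).items():
        print(f"ALERT: {ip} is claimed by {', '.join(macs)}")
```

A legitimate MAC change (for example a replaced router) raises the same alert, so compare the reported addresses with the known hardware before acting on it.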
Using Pirni

Pirni is an application that does not have a GUI (Graphical User Interface); it requires a program called Terminal to run. Terminal is basically an application that allows you to give your iPod Touch/iPhone simple commands. Below I am going to go through the steps of installing and using Pirni…

Note: this is a technical tutorial and is not recommended for users new to computers. Please also note that this tutorial is for educational purposes only. It is illegal to sniff a wireless network that is not your own. Use and follow this tutorial at your own risk.

Step 1) - The first thing you are going to need to do is install a program called Mobile Terminal on your iPod Touch/iPhone. This program is available through Cydia, so open up Cydia and type "terminal" into the search tab. Once you find Mobile Terminal in your search results, install it on your iPod Touch/iPhone.
alpine (alpine is the default password. If you have not changed your password then use alpine)
Step 5) - Once you are logged in as the root user you can begin using Pirni. To start Pirni you need to enter a command line, replacing what's in red with your network-specific information.
-s: Specifies the IP address you want to spoof; this is where the router IP address goes.
-d: Specifies the target you want to perform MITM on, this is where the IP Address of your network goes.
-f: Specifies the Berkeley Packet Filter so that Pirni only collects interesting packets. This is very useful if you want to filter for specific packets, such as FTP, SMTP or HTTP. If no -f option is supplied, all packets will be captured.
-o: Specifies the dump file where all the collected packets end up. The file is in pcap format, which most traffic analyzers can handle.
iphone4s:~ root# more get.sh
pirni -s 192.168.1.1 -o log.pcap
pirni -s 192.168.1.1 -d 192.168.1.189 -f "tcp dst port 80" -o log.pcap
pirni -i en1 -s 192.168.1.1 -d 255.255.255.0 -o log.pcap
Analyzing your Dump File

Now that you have sniffed the packets on your network, you have to analyze the dump file created by Pirni. To do this you will need to get the dump file off your iPod Touch/iPhone by using a program called WinSCP. This program allows you to access the files on your iPod Touch/iPhone. To use this program you will need two things: OpenSSH installed on your iPod Touch/iPhone and WinSCP installed on your computer…

Step 1) - Download OpenSSH to your iPod Touch/iPhone by going into Cydia and typing "openssh" into the search panel. Once you see OpenSSH in the search results, click it and install it. Once OpenSSH has been installed, exit Cydia and continue to step 2…
Downloads to your computer install it by following the easy to use steps of the installer…
Step 3) - Once WinSCP has finished installing, double-click winscp.exe to launch the program. You will be presented with a window like the one depicted below…
Username: this is always left as root. The last piece of information you need to enter is the password; the default password, if you haven’t changed it, is alpine. If you have changed your password then enter your current password in the password field now.
Step 5) - Now that Wireshark is installed, double-click Wireshark.exe on your Desktop to start the program. Once the program is up and running you are going to need to open your log file. Click the Open button in the middle of the screen and then locate your log file, which should be on your Desktop.
hawkee.com account. If this was performed on an unknown network you would have successfully sniffed a password that you can then do what you want with. Wireshark is a very powerful tool for analyzing packets; if you go to their website you can learn a lot about packets and other analysis techniques not discussed in this tutorial.