After issuing just nmap ipaddress I had no response So I turned off the ping first option and tried again.
nmap 192.168.1.108 -P0
Okay so I found it. The MAC ties up with my phones MAC address.
Next I'll just try all TCP ports to see what I get.
nmap -P0 -p1-65535 192.168.1.108
So I found one TCP port open. I'lll use the -sV switch to get the version.
nmap -P0 -sV -p62087 192.168.1.108
Hmmm. Still nothing. Maybe an OS Scan would be interesting.
nmap -P0 -O 192.168.1.108
So it got the right OS
Okay. So I know there is still that open port. What if I send something to it and see what comes back.
So using TCPDump I throw on a filter for just the IPhone IP address.
tcpdump -i eth0 host 192.168.1.108
Thats a bit noisey. I want just my target port for now.
tcpdump -i eth0 host 192.168.1.108 && port 62078
now In a seperate window, I create a test file by echoing "test" to a file and thow that at the port using nc.
nc 192.168.1.108 62078 < face="georgia">Okay, so that went well. I'll repeat the process and capture the results to analyse in Wireshark using the -w switch with tcpdump:
tcpdump -i eth0 -w iphone-capture.pcap host 192.168.1.108 && port 62078
Okay. I'll be honest. The results were not good. I'm still clueless. Maybe i'll resort to good old Google.
2 Mins later................................
Okay, now i find that the leg work has already been done. It's a port used when synching with iTunes.
Oh well, i suppose it was one way to waste an hour.
P.S - If you do try port scanning the Iphone, you might find that it needs a hard reset before it will synch properly.
