Jump to content

Recommended Posts

Posted

Hey everyone!

Ok so (Without writting a novel here...) Here's the story:

I had one of my buddies Screen Share Via iChat onto my iMac to check out some of my IPv6 settings and port forwarding (first time with Century Link and their hardware) for some VNC. This is a buddy I trust really well. I had disappeared from my workstation (I know, first mistake) and let him carry on. Well, when I returned I saw he had remotely transfered Conan the Librarian (for those who don't know, it's a background process that has the mic on 24/7 and will have Arnold Schwartz. scream "shut up" at you till you kill the process).

With that having been said, I seek (friendly) revenge on his iMac in return.

I'm wanting to either do a Metasploit payload or SSH into his machine and do Terminal commands galore, and lock his audio and use the "Say" command (just an example). My issue: get his IP fully without asking. Not a big issue usually except he's running a few levels of OpenDNS and running though Time Warner Co. (if that matters). My question is does anyone have/recommend ways I can get his iMac's external IP address , preferably without him finding out I'm doing such?

Posted

External address wont help you much due to firewalls.

My hateful response: He has a Mac, the damage is already done lol.

It's one thing to do harmless little prank, it's another to get a backdoor.

You could buy a USB Ducky from the shop and plug it into his system to hit the backspace/delete key 10 times in a row very quickly and throw it on a timer of every 10 minutes and change the sleep time. Then when he would be in the middle of typing it would delete words at random :P.

Posted (edited)

Oh nothing is better than a bash script that is set to play some crazy song at random times. Just make sure to add it in on lauchd, cause its a mac they prolly will not look there.

Edited by leapole
Posted

External address wont help you much due to firewalls.

My hateful response: He has a Mac, the damage is already done lol.

It's one thing to do harmless little prank, it's another to get a backdoor.

You could buy a USB Ducky from the shop and plug it into his system to hit the backspace/delete key 10 times in a row very quickly and throw it on a timer of every 10 minutes and change the sleep time. Then when he would be in the middle of typing it would delete words at random :P.

Don't get me wrong, I'd LOVE to use a USB Ducky on him. One other problem I forgot to mention: He lives accross the country.

Posted

Oh nothing is better than a bash script that is set to play some crazy song at random times. Just make sure to add it in on lauchd, cause its a mac they prolly will not look there.

In a perfect world:

I'd like to spawn a VNC server on his iMac, then when I know he's at work snag the SSH credentials. And strike!

Posted (edited)

External address wont help you much due to firewalls.

My hateful response: He has a Mac, the damage is already done lol.

It's one thing to do harmless little prank, it's another to get a backdoor.

You could buy a USB Ducky from the shop and plug it into his system to hit the backspace/delete key 10 times in a row very quickly and throw it on a timer of every 10 minutes and change the sleep time. Then when he would be in the middle of typing it would delete words at random :P.

LOL!

Don't get me wrong, I'd LOVE to use a USB Ducky on him. One other problem I forgot to mention: He lives accross the country.

You could buy one and mail it to him? haha.

Edited by Radau
Posted (edited)

that is your physical access...

honestly -- he has a mac and prolly just clicks links whilly nilly. Open up the set toolkit send a few emails and your done.

Edited by leapole
Posted

that is your physical access

Well he's not going to send it back to me, since he lives across country. Thats' the fun of this planning prank: he's quite cunning. He'd keep it for himself = I'm out $60 some odd bucks and out of a USB Ducky

Posted

I know this is not allowed to be talked in here, but If you want to screw around with him, you could rat him, do all sorts of evil things to him.

Posted

So long as he doesn't have an antivirus a R.A.T. could work, if you're going to test it locally remember to isolate the virtual network in case things somehow spin out of control. You could always try to make it FUD if you know how to. I really hope I didn't just violate the TOS there haha.

Posted

So long as he doesn't have an antivirus a R.A.T. could work, if you're going to test it locally remember to isolate the virtual network in case things somehow spin out of control. You could always try to make it FUD if you know how to. I really hope I didn't just violate the TOS there haha.

There is a paid utility that you can use, to FUD it, not mentioning the name here as it is against the forum rules.

Posted

There is a paid utility that you can use, to FUD it, not mentioning the name here as it is against the forum rules.

There are a lot of them, you don't HAVE to pay for them, but if you want one that is really FUD you do or you have to have connections to someone that creates their own. He's using a mac though, maybe he bought into the "Macs never get viruses" gimmick?

Posted

There are a lot of them, you don't HAVE to pay for them, but if you want one that is really FUD you do or you have to have connections to someone that creates their own. He's using a mac though, maybe he bought into the "Macs never get viruses" gimmick?

You can get good free ones, but the paid ones I put my money on it.

Posted

You can get good free ones, but the paid ones I put my money on it.

You usually have to catch the free ones within a few hours of them being uploaded, paid ones have worked out great for me though. Of course it wont matter if he doesn't even have any antivirus running, or it shouldn't. I wouldn't know I avoid that operating system like the plague :P

Posted

You usually have to catch the free ones within a few hours of them being uploaded, paid ones have worked out great for me though. Of course it wont matter if he doesn't even have any antivirus running, or it shouldn't. I wouldn't know I avoid that operating system like the plague :P

One of my mates is a huge fan of Apple, he really bores me to death when he talks about Apple. He really is a knowledgable guy, knows a lot about Apple, how it works, it's operations and everything.

Anyway, I think the OP will have to run Vmware Fusion, to get the RAT to work, since he is on a MAC.

Posted

Update***

So last night I did one of those .php scripts to try and snag his code, we won't click it. SO that is probably out of the question to get his IP.

Just shooting ideas here:

Is it possible through SET or something to create a background process that I can include within a .zip attachment (Include it with a legit file for him, but hide the process file) and have the script execute an "on click" or something and route back to me? or is that overthinking things? It's mostly his IP i'm after, then the rest is a playground B)

Posted (edited)

What is a Mac? Isn't that the address given to modems and such? ;p

Haha, you just reminded me of a teacher that required us to write out media access control address instead of mac address just because they had a Macintosh... such a pain :D

Update***

So last night I did one of those .php scripts to try and snag his code, we won't click it. SO that is probably out of the question to get his IP.

Just shooting ideas here:

Is it possible through SET or something to create a background process that I can include within a .zip attachment (Include it with a legit file for him, but hide the process file) and have the script execute an "on click" or something and route back to me? or is that overthinking things? It's mostly his IP i'm after, then the rest is a playground B)

Could you maybe get him to click on a tinyurl that redirects to it? You could also try to convince him you want to play a game of Quake 3 with him and you have an extra activated copy then send a file that installs quake and something else;p

Edited by Radau
Posted

Haha, you just reminded me of a teacher that required us to write out media access control address instead of mac address just because they had a Macintosh... such a pain :D

Could you maybe get him to click on a tinyurl that redirects to it? You could also try to convince him you want to play a game of Quake 3 with him and you have an extra activated copy then send a file that installs quake and something else;p

You sir bring up a good point! He does have his iMac set up for Windows 7 because he likes to play Goldeneye on there. Hm..

Posted (edited)

Haha, you just reminded me of a teacher that required us to write out media access control address instead of mac address just because they had a Macintosh... such a pain :D

Could you maybe get him to click on a tinyurl that redirects to it? You could also try to convince him you want to play a game of Quake 3 with him and you have an extra activated copy then send a file that installs quake and something else;p

A good idea in deed, but what if he doesn't use the Windows 7 machine, for accessing his online accounts, and instead use his iMac? How is this going to work out?

Edited by Infiltrator
Posted

A good idea in deed, but what if he doesn't use the Windows 7 machine, for accessing his online accounts, and instead use his iMac? How is this going to work out?

Can I get back to you once I've figured that part out? :P

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...