Jump to content

[Question] OSX RunEXE from SD equivalent?


Recommended Posts

Hey guys, I would like to go about creating a payload for the Rubber Ducky that pretty much does the same thing as the

*RunEXE from SD* payload but on OSX using a .JAR file. How would I do this? The payload for EXE files on windows uses a batch file that waits for the SD card to be mounted but OSX doesn't use batch files? Sorry for my inexperience, I am both a Windows and a Kali user but need this payload for penetration testing on Macs.

I think the only alternative would be to open a OSX backdoor and download and run the file in terminal. I would rather not resort to this though because if I was trying to install on multiple machines I would have to change the listening port every time to download the file. A little more time consuming and inefficient compared to a straight SD card transfer and run.

Edited by slyd0g
Link to comment
Share on other sites

Well, you need some kind of scripting language or something that can actually wait for the ducky drive to mount. I don't have an OSX machine, so I have no idea where to start either. Every OS has some kind of command prompt and scripting language though. All you have to do is discover what your platform uses. You can follow the general outline of the script I wrote.

REM Hide the shell prompt below the screen. 

REM Change directories. 

REM Make a script file that waits for SD card to mount. 
REM Delete the script file if it already exists. 
REM while(true){
REM      poll for ducky drive
REM      if(drive exists){
REM           break;
REM      }//end if
REM }//end while
REM Start EXE on ducky. 

REM Figure out a way to run it silently, your system probably already supports it.
REM The only option for my system was to run it through a visual basic file.  

The actual polling for the drive will probably be the hardest part, you may wish to post a plea for help on a couple of OSX scripting forums, let them do the hard work.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...