Jump to content

Recommended Posts

Posted

All the payloads I've seen for macs for the rubber ducky have been catching netcat shells and I was wondering if anybody out there has something better. Basically I'm trying to create a payload that will allow me to navigate the victims computer and download files from them.

My idea was to get ducky to write a python script that would basically be an ftp server, however theres a lot of logistical issues such as downloading the module, running it, not very secure, and the time it takes to do all this.

Anybody have any better ideas?

Posted (edited)

possible through native commands : http://www.itworld.com/software/191971/enable-ftp-server-mac-os-x-lion

not sure about creds though, I'm sure you need the users password ???

unless you combine it with latest sudo priv-esc; to somehow dump all hashes and record to sdcard? to be cracked later.... again unsure if this would work?

Edited by midnitesnake
  • 2 months later...
Posted

All the payloads I've seen for macs for the rubber ducky have been catching netcat shells and I was wondering if anybody out there has something better. Basically I'm trying to create a payload that will allow me to navigate the victims computer and download files from them.

My idea was to get ducky to write a python script that would basically be an ftp server, however theres a lot of logistical issues such as downloading the module, running it, not very secure, and the time it takes to do all this.

Anybody have any better ideas?

If you catch a netcat shell, you should be able to navigate their file sysytem and download files.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...