0dyss3us Posted January 5, 2018

Reverse Shell Mac for Bash Bunny

Author: 0dyss3us (KeenanV)
Version: 1.0

Description

Opens a persistent reverse shell on victim's Mac and connects it back to host attacker over TCP.

- Targets MacOS (OSX may work but has not been tested)
- Connection can be closed and reconnected at any time
- Deploys in roughly 30 sec (working on making it faster)
- Works well with NetCat as the listener

Requirements

Have a working Bash Bunny :) and a victim with MacOS

STATUS

LED | STATUS
Purple | Setup
Amber (Single Blink) | Installing connect.sh script
Amber (Double Blink) | Creating cron job
White (Fast Blink) | Cleaning up
Green | Finished

Installation and Execution

1. Plug in Bash Bunny in arming mode
2. Move files from MacPersistentReverseShell to either switch folder
3. Edit the connect.sh file and replace the placeholder IP with attacker's IP and the port with whichever port you like to use (I use 1337)
4. Save the connect.sh file
5. Unplug Bash Bunny and switch it to the position the payload is loaded on
6. Plug the Bash Bunny into your victim's Mac and wait until the final light turns green (about 30 sec)
7. Unplug the Bash Bunny and go to attacker's machine
8. Listen on the port you chose in the connect.sh file on whichever program you'd like (I use NetCat)
   - If using NetCat, run the command nc -nlvp 1337 (replace the port with the port in connect.sh)
9. Wait for connection (should take no longer than 1 minute as the cron job runs every minute)
10. Once a bash shell prompt appears...YOU'RE DONE!! You can disconnect and reconnect at any time as long as the user is logged in

Download

Click here to download.

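On the defensive side, the persistence this post describes (an installed script plus a cron job that fires every minute) shows up in the user's crontab. The following is an added example, not part of the original post or the payload: it parses `crontab -l` output and flags every-minute jobs whose command matches a hint list. The sample crontab, the connect.sh path and the hint patterns are constructed assumptions.

```python
import re

# Constructed sample of `crontab -l` output; the connect.sh path is a placeholder,
# not the payload's real install location (the post does not state it).
SAMPLE_CRONTAB = """\
# constructed sample
MAILTO=""
0 3 * * * /usr/local/bin/backup.sh
* * * * * /Users/example/placeholder/connect.sh
*/1 * * * * /usr/bin/true
@reboot /usr/local/bin/agent
"""

# Command hints chosen for this example (assumptions): shell scripts, bash TCP
# redirection, netcat, interactive bash.
HINTS = re.compile(r"(\.sh\b|/dev/tcp/|\bnc\b|\bncat\b|\bbash\s+-i\b)")
ENV_LINE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*\s*=")


def parse_crontab(text):
    """Yield (schedule_fields, command) per job; skip comments, blanks, env lines."""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or ENV_LINE.match(line):
            continue
        if line.startswith("@"):            # @reboot, @hourly, ...
            parts = line.split(None, 1)
            if len(parts) == 2:
                yield [parts[0]], parts[1]
            continue
        parts = line.split(None, 5)          # five time fields + command
        if len(parts) == 6:
            yield parts[:5], parts[5]


def is_every_minute(fields):
    """True for '* * * * *' and the equivalent '*/1 * * * *'."""
    return (len(fields) == 5 and fields[0] in ("*", "*/1")
            and all(f == "*" for f in fields[1:]))


def flag_jobs(text):
    """Return jobs that run every minute AND match a command hint."""
    findings = []
    for fields, cmd in parse_crontab(text):
        hits = sorted(set(HINTS.findall(cmd)))
        if is_every_minute(fields) and hits:
            findings.append({"command": cmd, "hints": hits})
    return findings


if __name__ == "__main__":
    for f in flag_jobs(SAMPLE_CRONTAB):
        print("REVIEW:", f["command"], f["hints"])
```

On a real Mac, pass the text of `crontab -l` for each user to `flag_jobs` in place of the constructed sample.
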
Rinilyn Posted January 5, 2018

OK, I'm new to this GitHub stuff, got my Bash a week ago. How can I only download the changes you made and not the whole master repo with it? Does everyone do it with the git app?

0dyss3us (Author) Posted January 5, 2018

There doesn't appear to be an easy way to do it by default (you would have to re-save each file individually), but there is a Chrome extension called GitZip that will allow you to select directories/files on the GitHub website and download them as zip files. I haven't tested it myself but others seem to have had success with it.

PaPPy Posted January 10, 2019

Quick question and a suggestion. Why do you need ATTACKMODE HID STORAGE, and not just HID? And the suggestion, you should run "history -c", to clear the command history.

glyph Posted February 5, 2020

Works like a charm!

Archived
This topic is now archived and is closed to further replies.