EggShell - iOS and macOS spy tool
EggShell is a pentest exploitation tool for iOS and macOS, written in Python.
The tool generates a multi-stage, multi-threaded payload. EggShell gives you power and convenience such as downloading files, taking pictures, tracking location, executing shell commands, escalating privileges on the host, retrieving passwords, and more.
OK, LET'S START
Install using git: (macOS/Linux)
git clone EggShell
python eggshell.py
Create and run a payload
Using the menu, we can choose to create a payload; this is what will be run on the target machine.
macOS:
You'll have to translate these yourselves, guys!!!
ls : list contents of directory
cd : change directories
rm : delete file
pwd : get current directory
download : download file
picture : take picture through iSight camera
getpid : get process id
openurl : open url through the default browser
idletime : get the amount of time since the keyboard/cursor were touched
getpaste : get pasteboard contents
mic : record microphone
brightness : adjust screen brightness
exec : execute command
persistence : attempts to connect back every 60 seconds
rmpersistence : removes persistence
iOS Commands
sysinfo : get system information
ls : list contents of directory
cd : change directories
rm : delete file
pwd : get current directory
download : download file
frontcam : take picture through front camera
backcam : take picture through back camera
mic : record microphone
getpid : get process id
vibrate : make device vibrate
alert : make alert show up on device
say : make device speak
locate : get device location
respring : respring device
setvol : set mediaplayer volume
getvol : view mediaplayer volume
isplaying : view mediaplayer info
openurl : open url on device
dial : dial number on device
battery : get battery level
listapps : list bundle identifiers
open : open app
persistence : installs LaunchDaemon - tries to connect every 30 seconds
rmpersistence : uninstalls LaunchDaemon
installpro : installs eggshellpro to device
EggShellPro Commands (Cydia Substrate Extension)
lock : simulate lock button press
wake : wake device from sleeping state
home : simulate home button press
doublehome : simulate home button double press
play : plays music
pause : pause music
next : next track
prev : previous track
getpasscode : log successful passcode attempts
unlock : unlock with passcode
keylog : log keystrokes
keylogclear : clear keylog data
locationservice : turn on or off location services
EggShell Pro
EggShell Pro takes advantage of system functions in iOS.
With this extension, we can perform home button actions and simulate the lock button, turn on location services, and more. Another feature is logging the passcode the iPhone was unlocked with, once we have installed it on the iPhone (logging earlier ones would be too overpowered :))) When interacting with an iOS device, you just need to run "installpro" and the dylib file will be uploaded to the device, followed by a respring.
Taking pictures
Taking a picture with the "picture" command on macOS activates the iSight camera and sends the image data back to the server.
To take a picture on iOS, use "webcam" or "backcam".
iOS passcode theft
When "getpasscode" is run, it sends back the passcode that was last used to unlock the device.
macOS Hijacking Safari Facebook Sessions
The getfacebook command parses the binary files from Safari.
Because Safari's binary cookies are not encrypted, we can easily obtain the Facebook cookie (don't do this to your crush, guys; honestly, you'll get into their Facebook and then regret it!!)
There are many more features waiting for you to discover, so go find them yourselves :)) I'll leave a tutorial for you to play with.