1. Forgotten Hell Mac Os X
  2. Forgotten Hell Mac Os Catalina
  3. Forgotten Hell Mac Os Catalina

And I'm on a Mac. I'm at the point where I have an object file created from nasm, and I want to turn it into an ELF executable using ld. The ld on a mac doesn't look like it supports the ELF format, but I don't want to run a virtual machine with Ubuntu just to do this link step. Note: The headings on this list indicate the Macintosh System bundle names; the bullet points indicate the version of the System File included in that bundle. This is to make it clearer for people searching for specific bundle versions as opposed to System File versions. Finder File versions are not indicated. 1 Classic Mac OS 1.1 Macintosh System Software (0 - 0.3) 1.1.1 System File 1 1.1.2.

Introduction

EggShell is an iOS/macOS and Linux post exploitation surveillance pentesting tool written in Python. With EggShell you’ll be able to:

  • upload/download files, take pictures, track location, execute shell command, retrieve passwords, and much more.
This is project is a proof of concept, intended for use on machines you own.

EggShell: Post Exploitation Surveillance Tool

This remote administration tool provides a command line session with additional functionality between you and target machine. EggShell comes packed with a wide variety of features.

Forgottenhell Mac OS

Features:

  • Tab completion,
  • File manipulation (upload/download/delete, etc.),
  • Full camera and microphone control,
  • Location Tracking,
  • Shell command execution,
  • Persistence,
  • Escalating privileges,
  • Tacking Pictures,
  • Password Retrieval,
  • iTunes/iMessages manipulation, etc.
* Server communication features end to end encryption with 128 bit AES and the ability to handle multiple clients.

EggShell Install

Requirements:

  • python 2.7

Clone it from the Githhub.

MacOS/Linux:

iOS (Jailbroken Only):

  • Add Cydia source: http://lucasjackson.io/repo
  • Install EggShell 3
  • Run the command eggshell (use any mobile terminal application)

Payloads

Eggshell payloads are executed on the target machine. After we retrieve device details, server will establish a secure remote control session. There are 2 different payload options:

  • bash
  • Teensy (macOS)

Forgotten Hell Mac Os X

bash: If you select a payload in bash (shell script), you’ll be prompted to enter your EggShell server IP address and port the payload will connect back to. A payload shell script will then be generated on the terminal screen.

Forgotten Hell Mac Os Catalina

Teensy (macOS): If you select a Teensy payload, you will be prompted to enter your EggShell server IP address and port the payload will connect back to. An Arduino based payload for the teensy board will then be generated for you in the folder teensy_macOS relative from where you ran EggShell.

Sessions

After a session is established, you can execute commands on that device through the EggShell command line interface. Type help to show all available commands.

Multihandler

Multihandler option allow us to handle multiple sessions. You can also show Multihandler commands (similar to the sessions), just type help.

Taking Pictures/Recording Audio

Both iOS and macOS sessions support taking pictures and recording audio.

Taking pictures:

  • macOS: (picture command) takes a picture through the front facing iSight camera,
  • iOS: requires 1 argument specifying ‘front’ or ‘back’ facing camera.

Recording audio:

  • When it came to recording audio, the process is same for both iOS and macOS. The argument for this command will specify the record or stop action. Recording will run in the background, so you’ll be able to execute additional commands during the recording. When the recording is finished, the file will be downloaded and saved.

To see detailed EggShell feature explanation, click the documentation link bellow.

Commands

macOS:

  • brightness : adjust screen brightness
  • cd : change directory
  • download : download file
  • getfacebook : retrieve facebook session cookies
  • getpaste : pasteboard contents
  • getvol : get speaker output volume
  • idletime : get the amount of time since the keyboard/cursor were touched
  • imessage : send message through the messages app
  • itunes : iTunes Controller
  • keyboard : your keyboard -> is target’s keyboard
  • lazagne : firefox password retrieval
  • ls : list contents of a directory
  • mic : record mic
  • persistence : attempts to re establish connection after close
  • picture : take picture through iSight
  • pid : get process id
  • prompt : prompt user to type password
  • screenshot : take screenshot
  • setvol : set output volume
  • sleep : put device into sleep mode
  • su : su login
  • suspend : suspend current session (goes back to login screen)
  • upload : upload file

Linux:

  • cd : change directory
  • download : download file
  • ls : list contents of a directory
  • pid : get process id
  • pwd : show current directory
  • upload : upload file

Forgotten Hell Mac Os Catalina

iOS:

  • alert : make alert show up on device
  • battery : get battery level
  • bundleids : list bundle identifiers
  • cd : change directory
  • dhome : simulate a double home button press
  • dial : dial a phone number
  • download : download file
  • getcontacts : gets addressbook
  • getnotes : download notes
  • getpasscode : retreive the device passcode
  • getsms : download SMS
  • getvol : get volume level
  • home : simulate a home button press
  • installpro : install substrate commands
  • ipod : control music player
  • islocked : check if the device is locked
  • lastapp : get last opened application
  • locate : get device location coordinates
  • locationservice: toggle location services
  • lock : simulate a lock button press
  • ls : list contents of a directory
  • mic : record mic
  • mute : update and view mute status
  • open : open apps
  • openurl : open url on device
  • persistence : attempts to re establish connection after close
  • picture : take picture through the front or back camera
  • pid : get process id
  • respring : restart springboard
  • safemode : put device into safe mode
  • say : text to speach
  • setvol : set device volume
  • sysinfo : view system information
  • upload : upload file
  • vibrate : vibrate device

You may also like:

Post-exploitation Agent – SILENTTRINITY [Python, IronPython, C#/.NET]
Build Your Own Botnet – BYOB
Remot3d: An Simple Exploit for PHP Language

Is the copy of El Capitan you are retrying to install an old copy you downloaded some time ago.

Recently the certificates for certain Mac OS's expired making it difficult or impossible to install them.

Apple released updated versions with new valid certificates, so you could try downloading the updated

release of El Capitan, from here. How to upgrade to OS X El Capitan – Apple Support

Please note there are different instructions, read Sections 4 to 7 completely.

At Section 4 you click on Download OS X El Capitan, this will download Install MACOSX.dmg.

Double-click on Install MACOSX.dmg and you will then get Install MACOSX.pkg.

Double click on that and an installation window will open, this does not install El Capitan but converts

Install MACOSX.pkg to Install OS X El Capitan.app which will be in your Application folder.

Use that to install El Capitan.

Dec 1, 2019 11:17 PM