Categories: Kali Linux

EggShell – Remote Administration Tool For iOS/macOS

EggShell is a post misuse surveillance instrument written in Python. It gives you a command line session with additional usefulness amongst you and an objective machine. EggShell gives you the power and convenience of uploading/downloading records, tab completion, taking pictures, location tracking, shell command execution, persistence, escalating privileges, password retrieval, and much more. This is venture is a proof of concept, expected for use on machines you claim.

 

For detailed information and how-to visit please access the link.

Also Read Drozer – Android Leading Security Testing Framework

Getting Started With Eggshell

  • Requires python 2.7

macOS/Linux Installation

git clone https://github.com/neoneggplant/eggshell
cd eggshell
python eggshell.py

iOS (Jailbroken)

Add Cydia source: http://lucasjackson.io/repo Install EggShell 3 Use any mobile terminal application and run the command eggshell

Creating Payloads

Eggshell payloads are executed on the target machine. The payload first sends over instructions for getting and sending back device details to our server and then chooses the appropriate executable to establish a secure remote control session.

bash

Selecting bash from the payload menu will give us a 1 liner that establishes an eggshell session upon execution on the target machine

teensy macOS (USB injection)

Teensy is a USB development board that can be programmed with the Arduino ide. It emulates usb keyboard strokes extremely fast and can inject the EggShell payload just in a few seconds.

Selecting teensy will give us an arduino based payload for the teensy board.

After uploading to the teensy, we can use the device to plug into a macOS usb port. Once connected to a computer, it will automatically emulate the keystrokes needed to execute a payload.

Interacting with a session

After a session is established, we can execute commands on that device through the EggShell command line interface. We can show all the available commands by typing “help”

Tab Completion

Similar to most command line interfaces, EggShell supports tab completion. When you start typing the path to a directory or filename, we can complete the rest of the path using the tab key.

Multihandler

The Multihandler option lets us handle multiple sessions. We can choose to interact with different devices while listening for new connections in the background.

Similar to the session interface, we can type “help” to show Multihandler commands

Commands

macOS

  • brightness : adjust screen brightness
  • cd : change directory
  • download : download file
  • getfacebook : retrieve facebook session cookies
  • getpaste : get pasteboard contents
  • getvol : get speaker output volume
  • idletime : get the amount of time since the keyboard/cursor were touched
  • imessage : send message through the messages app
  • itunes : iTunes Controller
  • keyboard : your keyboard -> is target’s keyboard
  • lazagne : firefox password retrieval | (https://github.com/AlessandroZ/LaZagne/wiki)
  • ls : list contents of a directory
  • mic : record mic
  • persistence : attempts to re establish connection after close
  • picture : take picture through iSight
  • pid : get process id
  • prompt : prompt user to type password
  • screenshot : take screenshot
  • setvol : set output volume
  • sleep : put device into sleep mode
  • su : su login
  • suspend : suspend current session (goes back to login screen)
  • upload : upload file

iOS

  • alert : make alert show up on device
  • battery : get battery level
  • bundleids : list bundle identifiers
  • cd : change directory
  • dhome : simulate a double home button press
  • dial : dial a phone number
  • download : download file
  • getcontacts : download addressbook
  • getnotes : download notes
  • getpasscode : retreive the device passcode
  • getsms : download SMS
  • getvol : get volume level
  • home : simulate a home button press
  • installpro : install substrate commands
  • ipod : control music player
  • islocked : check if the device is locked
  • lastapp : get last opened application
  • locate : get device location coordinates
  • locationservice: toggle location services
  • lock : simulate a lock button press
  • ls : list contents of a directory
  • mic : record mic
  • mute : update and view mute status
  • open : open apps
  • openurl : open url on device
  • persistence : attempts to re establish connection after close
  • picture : take picture through iSight
  • pid : get process id
  • respring : restart springboard
  • safemode : put device into safe mode
  • say : text to speach
  • setvol : set device volume
  • sysinfo : view system information
  • upload : upload file
  • vibrate : vibrate device

Linux

  • cd : change directory
  • download : download file
  • ls : list contents of a directory
  • pid : get process id
  • pwd : show current directory
  • upload : upload file

R K

Share
Published by
R K
8 years ago

Recent Posts

Bash Scripting Best Practices Every Beginner Should Know

Introduction Bash scripting is a powerful way to automate Linux tasks, but writing a script…

1 day ago

How To Create A Self-Signed SSL Certificate Using Bash And OpenSSL

Introduction A self-signed SSL certificate is a certificate that is created and signed by the…

1 day ago

How To Debug Bash Scripts Using bash -x And set Commands

Introduction Debugging is an important part of Bash scripting. When a script does not work…

1 day ago

How To Use Cron Jobs With Bash Scripts For Automation

Introduction Cron jobs are used in Linux to run commands or Bash scripts automatically at…

1 day ago

How To Use Pipes In Bash Scripts For Command Chaining

Introduction Pipes are an important feature in Linux and Bash scripting. A pipe allows you…

1 day ago

How To Use grep, awk, And sed In Bash Scripts

Introduction The grep, awk, and sed commands are powerful text-processing tools in Linux. They are…

2 days ago