persistence - Post module for OSX #2195
Conversation
| <string>#{path}</string> | ||
| </array> | ||
| <key>RunAtLoad</key> | ||
| <true/> |
There was a problem hiding this comment.
Perfect suggestion, gonna add it
|
hi the same persistence module with keepalive as well as a linux one has been posted here : #629 |
| OptString.new('PAYLOAD', [true, 'Selected payload','osx/x86/shell_reverse_tcp']), | ||
| OptString.new('BACKDOOR_FILE_NAME', [false, 'Backdoor file name. If not set, random name is generated.']), | ||
| OptString.new('BACKDOOR_DIR_NAME', [false, 'Name of backdoor directory. If not set, random name is generated.']), | ||
| OptString.new('BACKDOOR_TO_UPLOAD', [false, 'Path to backdoor ready to upload instead of generating payload.']), |
There was a problem hiding this comment.
You want to use OptPath() instead of OptString for this one, because OptPath will validate the path.
|
This probably needs to be made into a local exploit module, so that you don't have to add/configure the PAYLOAD datastore stuff by hand. Take a look at the windows persistence local exploit for reference. @alexmaloteaux have you made any progress on that PR? |
|
I'm migrating this to a local exploit with my PR: #2513 I branched off your original commit, thanks for the code! Now closing this PR since it hasn't moved in 2 months. |
This module provides persistence boot payload via creating proper entry (plist) in LaunchAgents directory for current user.