DEV Community: ribhav99

EvilOSX

ribhav99 — Sat, 20 Jun 2020 12:12:48 +0000

Control MacOS Remotely Without Being Detected

Ribhav Kapur - ribhav.kapur99@gmail.com

In this article, I want to talk about a Github project called EvilOSX(https://github.com/Marten4n6/EvilOSX), which can be used to gain remote access to MacOS systems. In this article I won’t go into the details of why the scripts work, but instead I’ll talk about what the scripts can do and hopefully this will give you a better understanding of how hackers might try to exploit your systems. (Note that everything mentioned here might be different for Windows users.)

I would like to preface this by saying that this is for educational purposes only. This is meant to make you aware of one possible way hackers may attack you so you can take measures to stay safe. I do not condone using this on anyone, and it is, without a doubt, illegal.

Step 1: Get the Required Files and Dependencies Installed
First you want to clone the git repository and change directories into that repository and install all the dependencies.

Step 2: Create the Payload
The next thing you want to do is find out your IP address. There are various ways you can do this. Below is a terminal command but you could just as easily google it.
ifconfig | grep "inet " | grep -v 127.0.0.1
This method will only work when you’re attacking a computer that is on the same wireless network as you. If you want to attack computers on different networks, it gets a little more complicated than this and you’ll need to use a few other techniques too like port forwarding. Anyway, that’s out of scope for this.
To run start building a payload for the unsuspecting users’ computer, run the following command:
python3 start.py --builder
And then:
● Enter your IP address
● Enter the server port (use 1337 as recommended)
● Choose where the file will be saved
● Type 1 for a python payload (0 for rubber ducky)
● Leave the next field empty
● Name of the payload that will show on the victim’s computer when asking for
permissions like keychain access.
Your payload is now ready for the unsuspecting victim!
git clone https://github.com/Marten4n6/EvilOSX.git cd EvilOSX
Pip3 install -r requirements.txt

Step 3: Start the EvilOSX Server
This will have to be done before delivering the payload to the victim’s computer because when the payload, which is essentially a bash script, is run (on the victim’s computer), it tries to connect to the server which is why the server should be set up and should be listening for connections in advance. To do this, enter the following command:
python3 start.py --cli --port 1337
You can type in help to see all the available commands.
Now all that’s left to do is to wait for users to connect to your server. There are various ways to deliver the payload to the computers you want to attack. For example: if it’s a computer from some organisation, putting the payload on a USB and putting a company sticker on it will probably mean that someone will put it into their computer and hence end up connecting to your server!

Step 4: Running the Payload on the Target MacOS Computer
In this step, you essentially want to run the python file, which is the payload you made in step 2, on the computer you are targeting. There are many ways to do this discreetly like hiding a bash script in the meta-data of a picture or just simply having a bash script that runs when the user clicks on it (which is by definition what a bash script does....).

Step 5: Start Attacking the Target MacOS Computer
Type help for available commands, bots to see a list of computers connected to your EvilOSX server and modules to see some of the attacks you could perform:

To connect to a bot, type connect , where is the index of the computer you want to connect to in your list of bots. You can then type use where is the name of any of the modules above to perform attacks. For modules listed above that require the admin password, like getting chrome passwords or iTunes information, the payload will provide a pop up like the one Apple does when asking for security permissions to go undetected!
Your payload should go by undetected by any virus scanners since it is just a python (.py) file. The only way it can be spotted is if someone is constantly monitoring their processes to see which ones are persistent for the longest time. Even then, it usually just passes off as a regular, non-malicious python file.

Scraping Twitter with Twint

ribhav99 — Sat, 07 Mar 2020 05:26:35 +0000

Ribhav Kapur

http://www.ribhavkapur.com

The rise of social media has been tremendous and has had multiple effects in areas like, mental health, procrastination, business, etc. It has been the most culturally significant event for the longest time and one aspect that I would like to talk about is the availability of open source data and specifically, talk about the some ways we can use it.

As the title suggests, this will be focused on using a program called twint (https://github.com/twintproject/twint) which can be used to collect data from Twitter. I’ll talk about the ways I have used it, and hopefully that will help spark some creativity.

Why Twint?
Twint is a program that makes it unbelievably easy to gather data from twitter without any rate limitations whatsoever. If you try to use the twitter API, you will only get results with around 3200 tweets, which is a really small number if you’re, say, trying to gather a data set for a machine learning algorithm. Twint allows users to search almost all tweets. Every single tweet. According to a quick Google search, there are 200 Billion tweets every year. That is an enormous amount of data, publicly available. Furthermore, it is really easy to set up and use. A simple “pip install’ through the command line will do the trick (assuming ofcourse you already have python setup). This is a huge bonus since anyone who’s worked with API’s before will tell you it’s a pain to setup. And, to top it off, you don’t even need to have an account on twitter. You can use this program completely anonymously.

Collecting Information for Research
The first time I used Twint was when I was creating my first startup. The idea heavily relied on the use of Facebook’s graph API for Instagram. The startup was still in the ideation stage and I used twint as a tool for research on twitter to scrape information about Instagram. I found a user (@wongmjane ) who tweets details about various mobile applications (like instagram). She goes into the source code of applications and talks about changes in upcoming features, API’s, various hidden features, etc. This promised to be a great way to gather information about where Instagram might be headed, and what type of things can be done with the API, or with upcoming features that weren’t talked about anywhere else.
This actually did prove to be an invaluable source of information since it helped me pivot the idea several times based on things Facebook was working on and helped gather some stats about what features are most valuable to users and then develop business strategies around those to help my startup get off the ground.

Gathering User Sentiment for Investment
Another time I used twint, and this one I’m particularly proud of, was to analyse the sentiment of the general public about stocks and/or companies and use that as a guide for investment. Now before I go ahead, I definitely DO NOT recommend doing this whatsoever. I’m just a kid in university who likes to mess around with projects so whatever you do, do not take financial advice from me. Now since that’s out of the way, lets talk about what exactly I did. I used twint to gather a bunch of data about a particular stock, say Tesla. This basically gathered a bunch of tweets where the main topic of conversation (or well main topic of “tweet”) was Tesla. I then parsed these tweets and used Google’s Natural Language Processing API’s sentiment analysis tool to gather the general sentiment of each tweet. Then based on the overall response, which would either be positive or negative, and ofcourse the confidence of each and the percentage of each, I decided whether or not that stock would be a good investment. Surprisingly, it worked better than I expected. I decided to invest a 100 dollars in some stocks (sadly 100 bucks doesn’t get you very far) and I actually managed to get a solid 5% return on the first day! I got excited and went on to lose $50 after that but eh you win some, you lose some.

Collecting Data for Training Machine Learning Algorithms
As all computer scientists know, the more the data, the better you can train your algorithm. As mentioned before, with ~200 Billion new tweets made every single year, Twitter is a great place to collect information and create data sets. As part of an assignment in University, I had to write an algorithm, using Bayes Nets, to classify emails as spam or not spam. Ofcourse we were given numerous guidelines and enough resources to complete the project, but what’s the fun the that? After completing the assignment, I used the same algorithm and trained it with data from Twitter. I used twint to gather tweets that were advertisements, to classify as spam, and gathered a set of random tweets from users, to classify them as not spam, just to see how well my algorithm worked on a large real world data set. It performed decently well and classified ~87% of the tweets correctly.

These are some ways I used twint to learn something new, mess around with a project or just kill time doing something interesting. Even though these weren’t extremely big projects and nothing other than some learning came out of it, I hope this demonstrates the possibilities when you have such easy access to large data and I hope this inspired some very novel use cases.