Bigphish is an easy-to-use exploit crafter for privilege escalation in OSX through the systemwide root that sudo hands out to every PID.
For whatever reason, OSX hands out root privs to all PIDs any time sudo is run… This is an example of weaponizing that for gaining a reverse root shell in one line of bash on an otherwise unmodified system. Great for a drive-by attack with a Ducky or Teensy on power users where simply presenting the user with a fake prompt to enter their password won’t work.
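The behaviour the README relies on is sudo's cached password entry being reusable outside the shell that typed it. As an added defender-side check that is not part of bigphish, the script below reads a sudoers file and reports the two real sudoers Defaults that govern that cache (`tty_tickets` and `timestamp_timeout`), treating a host as hardened only when caching is off or pinned to the tty where the password was entered; the sudoers content it runs against is constructed.

```shell
# Added defender-side check; it is not part of bigphish or its README.
# sudo caches a successful password entry for timestamp_timeout minutes and,
# unless tty_tickets is on, any process of that user can reuse the cache.
# Reads a sudoers file (default /etc/sudoers, which needs root to read) and
# reports both settings; "unset" means the compiled-in default applies, which
# `sudo -V` run as root prints.
sudoers_cache_policy() {
    file="${1:-/etc/sudoers}"
    # drop comments and keep only Defaults lines
    defaults=$(sed 's/#.*//' "$file" | grep -E '^[[:space:]]*Defaults' || true)
    # the last tty_tickets token wins, as sudo applies Defaults in order
    tok=$(printf '%s\n' "$defaults" | sed -n 's/.*[[:space:],]\(!*tty_tickets\).*/\1/p' | tail -n 1)
    case "$tok" in
        '!tty_tickets') tty="off" ;;
        'tty_tickets')  tty="on" ;;
        *)              tty="unset" ;;
    esac
    timeout=$(printf '%s\n' "$defaults" | sed -n 's/.*timestamp_timeout[[:space:]]*=[[:space:]]*\(-*[0-9][0-9.]*\).*/\1/p' | tail -n 1)
    [ -n "$timeout" ] || timeout="unset"
    printf 'tty_tickets=%s timestamp_timeout=%s\n' "$tty" "$timeout"
}

# Returns 0 only when the cache cannot be reused from another tty:
# no caching at all (timeout 0) or per-tty tickets explicitly on.
# An unset value is reported as not hardened because it depends on the build.
sudoers_cache_hardened() {
    set -- $(sudoers_cache_policy "$1")
    [ "$2" = "timestamp_timeout=0" ] && return 0
    [ "$1" = "tty_tickets=on" ] && return 0
    return 1
}

# Constructed sample sudoers content for a stand-alone run (not a real host file).
sample=$(mktemp)
printf '%s\n' 'Defaults env_reset' 'Defaults tty_tickets' 'Defaults timestamp_timeout=0' > "$sample"
sudoers_cache_policy "$sample"
sudoers_cache_hardened "$sample" && echo "hardened"
rm -f "$sample"
```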
+ eliminate false positives where unsuccessful sudo attempts trigger the exploit prematurely
+ add more payloads
+ Tor support for the reverse shell??
+ V1.2 adds an exploit crafter for building process kill loops in OSX, even for processes owned by root or by other users along with an easy option to add custom commands from the interactive shell
Assign passwordless root only to the PID of that shell
git clone https://github.com/Psychotrope37/bigphish && cd bigphish
chmod +x bigphish
sudo bash bigphish