Mpge is a wrapper of meterpreter (msfconsole, msfpayload and msfencode) of the Metasploit Framework, directly integrated with Mac OS X Snow Leopard 10.6.8 and with OS X Mavericks 10.9. With Mpge it is possible to make trojan horse files for Microsoft Windows, Linux, Mac OS X 10.3 Panther, Mac OS X 10.4 Tiger, Mac OS X 10.5 Leopard and Mac OS X Mountain Lion 10.8.1. For Mac OS X it is possible to make trojan horse files that contain a reverse shell inside .pkg files and .app files.

I used three real Mac OS X machines.
Attacker: my MacBook with Snow Leopard 10.6.8.
Targets: my Mac iBook PowerPC G4 with Mac OS X 10.3.5 Panther and, afterwards, my MacBook and my iMac with Mac OS X Mountain Lion 10.8.1.
All the Mac OS X machines were connected on the intranet LAN of an Italian ISP. The MacBook is listening and expects the reverse shell from the target. My Mac iBook PowerPC G4 receives a package; when the .pkg file is clicked and the user password is entered, the attacker receives a reverse shell.
- Testing on iMac Mac OS X Lion and MacBook with wifi wireless connection.
- Add Option and Status of IP in User Reviews.
- Add Option Results of IP in User Reviews.
- Add news information about version v.1.3 of Mpge in User Reviews.
- Ported Mpge directly on Mac OS X Snow Leopard 10.6.3.
- Test on Mac OS X Mountain Lion in User Reviews.
- New test with packages .pkg between MacBook and Mac iBook POWERPC G4 “Snow” in User Reviews.
- Add folder Reverse Shell and Backdoor in the Files directory.
- Add folder Creation of trojan horse file .app and .dmg in the Files directory.
- Added release Mpgev1.3.tgz in the Files directory.
- Upcoming implementations, again on Mac OS X, relate to testing the persistence of the connections (I’ve already found the module but it still has to be tested) and, mostly, the payload, again for Mac OS X, that implements encrypted connections.
Virus total analysis
Download version:
Mpge v.1.0 OS X Mavericks.tgz (241.9 MB)
Resources: http://sourceforge.net/projects/mpge/
Our previous post: http://seclist.us/update-mpge-v-1-3-a-wrapper-of-msfpayload-and-msfencode-of-metasploit.html