macOS Initial Access Payload Generator

Mystikal

Related Blog Post:

Usage:

  1. Install Xcode on build machine (Required for Installer Package w/ Installer Plugin)
  2. Install python requirements
       sudo pip3 install -r requirements.txt
  3. Change settings within the Settings/MythicSettings.py file to match your Mythic configs
  4. Run mystikal
       python3 mystikal.py
  5. Select your desired payload from the options

 _______               __   __ __           __
|   |   |.--.--.-----.|  |_|__|  |--.---.-.|  |
|       ||  |  |__ --||   _|  |    <|  _  ||  |
|__|_|__||___  |_____||____|__|__|__|___._||__|
         |_____|
         
Mystikal: macOS Payload Generator
Main Choice: Choose 1 of 8 choices
Choose 1 for Installer Packages
Choose 2 for Mobile Configuration: Chrome Extension
Choose 3 for Mobile Configuration: Webloc File
Choose 4 for Office Macros: VBA
Choose 5 for Office Macros: XLM Macros in SYLK Files
Choose 6 for Disk Images
Choose 7 for Armed PDFs
Choose 8 to exit

Note:

Option 1, Option 1.4, and Option 4 have submenus shown below

Selected Installer Packages
SubMenu: Choose 1 of 5 choices
Choose 1 for Installer Package w/ only pre/postinstall scripts
Choose 2 for Installer Package w/ Launch Daemon for Persistence
Choose 3 for Installer Package w/ Installer Plugin
Choose 4 for Installer Package w/ JavaScript Functionality
Choose 5 to exit

Selected Installer Package w/ JavaScript Functionality
SubMenu Choice: Choose 1 of 3 choices
Choose 1 for Installer Package w/ JavaScript Functionality embedded
Choose 2 for Installer Package w/ JavaScript Functionality in Script
Choose 3 to exit

Selected Office Macros: VBA
SubMenu Choice: Choose 1 of 4 choices
Choose 1 for VBA Macros for Word
Choose 2 for VBA Macros for Excel
Choose 3 for VBA Macros for PowerPoint
Choose 4 to exit

Behavior Modifications:

To change the execution behavior (which binaries are called upon payload execution), modify either the specific payload file under the Modules folder or the related template file under the Templates folder.

Issues
  • got unexpected keyword argument 'mythic_encrypts'

    Hey, I'm getting the following error when trying to create an Armed PDF in Mystikal

     _______               __   __ __           __
    |   |   |.--.--.-----.|  |_|__|  |--.---.-.|  |
    |       ||  |  |__ --||   _|  |    <|  _  ||  |
    |__|_|__||___  |_____||____|__|__|__|___._||__|
             |_____|
    
    Mystikal: macOS Initial Access Payload Generator
    Main Choice: Choose 1 of 8 choices
    Choose 1 for Installer Packages
    Choose 2 for Mobile Configuration: Chrome Extension
    Choose 3 for Mobile Configuration: Webloc File
    Choose 4 for Office Macros: VBA
    Choose 5 for Office Macros: XLM Macros in SYLK Files
    Choose 6 for Disk Images
    Choose 7 for Armed PDFs
    Choose 8 to exit
    Please make a choice: 7
    Selected Armed PDF
    !!! This module currently downloads a pdf to modify as a default example
    [+] Copied Template Folder to './Payloads/PDF_Payload'
    [+] Logging into Mythic
    [+] Creating new apfell payload
    Traceback (most recent call last):
      File "mystikal.py", line 141, in <module>
        main()
      File "mystikal.py", line 48, in main
        pdf()
      File "/Users/rt/Downloads/Mystikal/Modules/PDF.py", line 103, in pdf
        loop.run_until_complete(main())
      File "/Library/Developer/CommandLineTools/Library/Frameworks/Python3.framework/Versions/3.8/lib/python3.8/asyncio/base_events.py", line 616, in run_until_complete
        return future.result()
      File "/Users/rt/Downloads/Mystikal/Modules/PDF.py", line 85, in main
        await scripting()
      File "/Users/rt/Downloads/Mystikal/Modules/PDF.py", line 56, in scripting
        resp = await mythic.create_payload(p, all_commands=True, wait_for_build=True)
      File "/Users/rt/Downloads/Mystikal/mythic.py", line 4026, in create_payload
        resp = await self.get_payloadtypes()
      File "/Users/rt/Downloads/Mystikal/mythic.py", line 4132, in get_payloadtypes
        tmp.append(PayloadType(**x))
    TypeError: __init__() got an unexpected keyword argument 'mythic_encrypts'
    

    Mythic Version: Current main branch (2.2)
    Mystikal Version: Current main branch

    Any idea why I might be getting this error? pip says all requirements are satisfied and as far as I can see all the settings in MythicSettings.py are correct.

    opened by checkymander 1
  • Async Updates

    opened by D00MFist 0
  • Update for Mythic 2.2

    Update for Mythic 2.2

    opened by D00MFist 0
  • Undefined name 'payload'

    Hello, I found: mythic.py:2279:50: F821 undefined name 'payload'

    opened by L3str4nge 0
Owner
D00MFist