Prompt Error: Can't convert types.

MythicAgents / apfell

JavaScript for Automation (JXA) macOS agent

62 stars 15 forks source link

Prompt Error: Can't convert types. #1

Closed HSIS007 closed 2 years ago

HSIS007 commented 3 years ago

Getting below error while using prompt from Apfell payload. prompt {"answer":"","icon":"/System/Library/CoreServices/Software Update.app/Contents/Resources/SoftwareUpdate.icns","text":"An application needs permission to update","title":"Application Needs to Update"} Error: Can't convert types.

Mythic_Error

its-a-feature commented 3 years ago

Can you provide a bit more context? What version of macOS are you running this on?

HSIS007 commented 3 years ago

Below is the system info output. BigSur 11.4 system_info { "applescriptVersion": "2.7", "applescriptStudioVersion": "1.5.3", "systemVersion": "11.4", "shortUserName": "root", "longUserName": "System Administrator", "userID": null, "userLocale": "en", "homeDirectory": {}, "bootVolume": "Macintosh HD:", "computerName": "MacBook Pro", "hostName": "MacBook-Pro.local", "ipv4Address": "192.168.0.66", "primaryEthernetAddress": "", "cpuType": "Intel x86-64h Haswell", "cpuSpeed": 2000, "physicalMemory": 8192 }

HSIS007 commented 3 years ago

I am also getting error with list_users command.

Mythic_Error_list_users

its-a-feature commented 3 years ago

Yup, just tested on an 11.1 machine and those both seem to have issues in Big Sur. Hopefully they'll be easy updates. Thank you for catching that

its-a-feature commented 3 years ago

So, following up on this, it appears that for the prompt issue is actually JXA's way of indicating that the icon specified doesn't exist. Before Big Sur, that icon was located at:

/System/Library/CoreServices/Software Update.app/Contents/Resources/SoftwareUpdate.icns

but in Big Sur that icon moved to:

"/System/Library/PreferencePanes/SoftwareUpdate.prefPane/Contents/Resources/SoftwareUpdate.icns"

It appears that the path was updated in the code, but the default value for the UI popup wasn't changed, so that's a good catch.

For the list_users, it appears as though the CBIdentity isn't available through the Objective C bridge as part of the "Collaboration" services anymore. D00mfist got a workaround for it in the test_password command, but we'll have to figure out a solution here.

HSIS007 commented 3 years ago

Ok great, thank you for the response. I will test it tomorrow first thing.

HSIS007 commented 3 years ago

Changing the icns file path worked for me, thank you so much.

D00MFist commented 3 years ago

Sorry I'm seeing this late but added a pull request to address the list_users command. My bad when testing I was using specific groups and missed the "all" enumeration. Had to change the functionality a little bit so it now always enumerates by groups using the Collaboration API.

Also if you want to enumerate local users using the Open Directory API then theGet_LocalUser function in Orchard can accomplish this.