search

lucasjacks0n / EggShell

iOS/macOS/Linux Remote Administration Tool
GNU General Public License v2.0
1.65k stars 381 forks source link

Backdoor on iOS? #54

Open Virgula0 opened 7 years ago

Virgula0 commented 7 years ago

it's works only on iOS jailbroken if I have understand correctly... But if I try to code a backdoor for iOS with Xcode with system(""), there is a warning that warn me that system is deprecated from iOS 8... It works the same also if there is this warn? And could you also add no-ip compatibility for static ip address out of local network?

lucasjacks0n commented 7 years ago

lookup nstask for getting rid of the deprecation warning -> https://stackoverflow.com/questions/17976289/executing-shell-commands-with-nstask-objective-c-cocoa As for the no-ip compatibility, what do you mean exactly? You can port forward your router that your server is running on and have an ip from outside the network connect to your router ip on a port, then forward that connection to an internal ip on your network

Virgula0 commented 7 years ago

Yeah it's right, but you could have a router that doesn't supports static ip and with no-ip you can resolve this problem. Try it...it works also in linux. To implement it in this software in my opnion you have only to remove the checking about integer value when you insert your ip....

About your link, that code with NStask works only on Mac OS and not for iOS if you read on internet. So how can I code a backdoor for iOS? On Mac OS X I have understand that is easy and there are a lot of methods. Maybe you already have an open source backdoor example that works with your EggShell for iOS?

Another question, I tried to hijack my accountt with getfacebook on Mac osx but cookies c_user and xs doesn't exists.... Picture below

schermata 2017-07-27 alle 13 02 16

But ignoring everything, your work is very good! :)

lucasjacks0n commented 7 years ago

eggshell does have dns support in replace of ip addresses, also, getfacebook only works with safari, it looks like your using chrome

Virgula0 commented 7 years ago

I have use getfacebook for get cookies of a session of my Facebook on safari, then I'm trying to hijack my account by using edit cookie extension on chrome..... But I don't understand where insert c_user and xs cookies because there aren't when I visit Facebook.com like the picture above.

lucasjacks0n commented 7 years ago

oh, you create a new cookie field, click the "+" button and insert the new key values

Virgula0 commented 7 years ago

Yeah I have already set as you have said but it seems doesn't work .... I don't understand ...

schermata 2017-07-27 alle 19 07 01
Virgula0 commented 7 years ago

And what about also to add a key logger command?

nerdtron123 commented 6 years ago

There’s already a keylogger command

rpwnage commented 3 years ago

No there isn't