nettitude / PoshC2

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
BSD 3-Clause "New" or "Revised" License

dropper_jxa.js not working on ProductVersion: 10.15.7 BuildVersion: 19H524 #244

Closed akshay-1994 closed 3 years ago

akshay-1994 commented 3 years ago

Hi,

I was testing the JXA payload dropper_jxa.js on my local macOS machine - ProductVersion: 10.15.7 BuildVersion: 19H524

I was unable to execute the code with osascript as mentioned here - https://labs.nettitude.com/blog/poshc2-introducing-native-macos-implants/

Branch - Master

Error Log - Error: exception raised by object: *** -[_NSPlaceholderData initWithBase64Encoding:]: nil string argument TypeError: Object is not a function

I am unable to run the js code on my local machine.

How can I debug?

l0gan commented 3 years ago

This error is seen when you are not using a self-signed certificate. If you replace the posh.crt and posh.key with a valid certificate, or use a redirector with a valid certificate, then you won't see that error. Apple will only allow connections using a trusted certificate.

akshay-1994 commented 3 years ago

Hi @l0gan I generated the self-signed certificate using the following command on a Linux server - sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /var/poshc2//posh.key -out /var/poshc2//posh.crt

After that I copied the dropper from /var/poshc2/payloads/dropper_jxa.js and executed the same on my Mac machine. Still got the same error as mentioned above. Am I missing something? Do I need to do some more configuration?

Please help me debug.

l0gan commented 3 years ago

@akshay-1994 You will need to use a certificate from a trusted certification authority. Self-signed certificates will not work. You can use Let's Encrypt, or any of the other certificate authorities out there, to obtain a trusted certificate. If you join the Slack channel we can help out a bit more than here.

riskydissonance commented 3 years ago

Closing issue. Any further issues, feel free to re-open.