Created
December 10, 2019 21:00
-
-
Save antlauzon/5e8e159858b0130fb0eb29f1bbd3f474 to your computer and use it in GitHub Desktop.
Crudg0r Secops Amputation Technology
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| SafeEjectGPUAgent | |
| bluetooth | |
| CacheDelete | |
| socketfilterfw | |
| Air | |
| ScopedBookmarkAgent | |
| uninstall | |
| ookmark | |
| .xpc | |
| ProtectedCloud | |
| callservice | |
| bird | |
| racoon | |
| CloudDocsDaemon | |
| colorsync | |
| analytics | |
| irport | |
| netlogon | |
| universalaccessd | |
| icdd | |
| colorsyncd | |
| CoreCDP | |
| ctkahp | |
| FindMyMacd | |
| contactsdonation | |
| ThumbnailsAgent | |
| CVMCompiler | |
| GenerationalStorage | |
| backupd | |
| findmydeviced | |
| helpd | |
| ProtectedCloudKeySyncing | |
| PrintUI | |
| photolibraryd | |
| softwareupdate_notify_agent | |
| autofsd | |
| backupd-helper | |
| CMFSyncAgent | |
| CoreLocationAgent | |
| cloudphotosd | |
| CVMServer | |
| mdmclient | |
| icdd | |
| imagent.app | |
| sharedfilelistd | |
| backupd-helper | |
| cloudpaird | |
| CommerceKit | |
| PassKitCore | |
| AddressBookSourceSync | |
| CoreSuggestions | |
| CallHistory | |
| MediaRemote | |
| SocialPushAgent | |
| backgroundtaskmanagementagent | |
| SubmitDiagInfo | |
| bluetoothd | |
| corebrightnessd | |
| master | |
| sharingd | |
| AirPlayUIAgent | |
| SpeechSynthesis | |
| Noticeboard | |
| cupsd | |
| diagnostics_agent | |
| cloud_paird | |
| mDNSResponderHelper | |
| Telephony | |
| MTLCompilerService.xpc | |
| authd.xpc | |
| ATS.framework | |
| com.apple.audio.SandboxHelper.xpc | |
| amfid | |
| AirPlayXPCHelper | |
| socketfilter | |
| elephony | |
| CommCenter | |
| CrashReporter | |
| com.apple.dock.extra.xpc | |
| IMRemoteURLConnectionAgent.xpc | |
| InputMethodKit.framework | |
| ReportCrash | |
| system_installd | |
| AppleSpell | |
| rtcreportingd | |
| ctkd | |
| airplay | |
| Wireless | |
| spotlight | |
| powerd | |
| postfix | |
| postdrop | |
| sendmail | |
| master | |
| wireless | |
| trivial-rewrite | |
| pickup | |
| cleanup | |
| _fpsd | |
| _locationd | |
| _spotlight | |
| _applepay | |
| _gamecontrollerd | |
| _ctkd | |
| _amavisd | |
| _avbdeviced | |
| _netbiosd | |
| _netbios | |
| _clamav | |
| _cvmsroot | |
| _cvs | |
| _cyrus | |
| _devdocs | |
| _dovecot | |
| _dovenull | |
| _ftp | |
| _jabber | |
| _kadmin_admin | |
| _kadmin_changepw | |
| _krb_anonymous | |
| _krb_changepw | |
| _krb_kadmin | |
| _krb_kerberos | |
| _krb_krbtgt | |
| _krbfast | |
| _krbtgt | |
| _lp | |
| _mailman | |
| _mcxalr | |
| _mysql | |
| _ondemand | |
| _postfix | |
| _postgres | |
| _qtss | |
| _scsd | |
| _sshd | |
| _svn | |
| _taskgated | |
| _teamsserver | |
| _update_sharing | |
| _uucp | |
| _warmd | |
| _webauthserver | |
| _www | |
| _wwwproxy | |
| _xserverdocs | |
| _analyticsd | |
| _appleevents | |
| _applepay | |
| _appowner | |
| _appserver | |
| _appstore | |
| _ard | |
| _assetcache | |
| _astris | |
| _atsserver | |
| _calendar | |
| _captiveagent | |
| _ces | |
| _cmiodalassistants | |
| _coreaudiod | |
| _coremediaiod | |
| _ctkd | |
| _datadetectors | |
| _devicemgr | |
| _displaypolicyd | |
| _distnote | |
| _dpaudio | |
| _eppc | |
| _findmydevice | |
| _fpsd | |
| _gamecontrollerd | |
| _geod | |
| _hidd | |
| _iconservices | |
| _installassistant | |
| _installer | |
| _launchservicesd | |
| _lda | |
| _locationd | |
| _mbsetupuser | |
| _mdnsresponder | |
| _mobileasset | |
| _netbios | |
| _netstatistics | |
| _networkd | |
| _nsurlsessiond | |
| _nsurlstoraged | |
| _sandbox | |
| _screensaver | |
| _securityagent | |
| _serialnumberd | |
| _softwareupdate | |
| _spotlight | |
| _timed | |
| _timezone | |
| _tokend | |
| _trustevaluationagent | |
| _unknown | |
| _usbmuxd | |
| _windowserver | |
| adl | |
| daemon | |
| nobody | |
| root | |
| _amavisd | |
| _analyticsd | |
| _appleevents | |
| _applepay | |
| _appowner | |
| _appserver | |
| _appstore | |
| _ard | |
| _assetcache | |
| _astris | |
| _atsserver | |
| _avbdeviced | |
| _calendar | |
| _captiveagent | |
| _ces | |
| _clamav | |
| _cmiodalassistants | |
| _coreaudiod | |
| _coremediaiod | |
| _ctkd | |
| _cvmsroot | |
| _cvs | |
| _cyrus | |
| _datadetectors | |
| _devdocs | |
| _devicemgr | |
| _displaypolicyd | |
| _distnote | |
| _dovecot | |
| _dovenull | |
| _dpaudio | |
| _eppc | |
| _findmydevice | |
| _fpsd | |
| _ftp | |
| _gamecontrollerd | |
| _geod | |
| _hidd | |
| _iconservices | |
| _installassistant | |
| _installer | |
| _jabber | |
| _kadmin_admin | |
| _kadmin_changepw | |
| _krb_anonymous | |
| _krb_changepw | |
| _krb_kadmin | |
| _krb_kerberos | |
| _krb_krbtgt | |
| _krbfast | |
| _krbtgt | |
| _launchservicesd | |
| _lda | |
| _locationd | |
| _lp | |
| _mailman | |
| _mbsetupuser | |
| _mcxalr | |
| _mdnsresponder | |
| _mobileasset | |
| _mysql | |
| _netbios | |
| _netstatistics | |
| _networkd | |
| _nsurlsessiond | |
| _nsurlstoraged | |
| _ondemand | |
| _postfix | |
| _postgres | |
| _qtss | |
| _sandbox | |
| _screensaver | |
| _scsd | |
| _securityagent | |
| _serialnumberd | |
| _softwareupdate | |
| _spotlight | |
| _sshd | |
| _svn | |
| _taskgated | |
| _teamsserver | |
| _timed | |
| _timezone | |
| _tokend | |
| _trustevaluationagent | |
| _unknown | |
| _update_sharing | |
| _usbmuxd | |
| _uucp | |
| _warmd | |
| _webauthserver | |
| _windowserver | |
| _www | |
| _wwwproxy | |
| _xserverdocs | |
| adl | |
| daemon | |
| nobody | |
| root | |
| #!/bin/bash | |
| # for posterity | |
| sysctl -w kern.coredump=1 | |
| launchctl limit core unlimited | |
| ulimit -c unlimited | |
| launchctl limit core unlimited | |
| ulimit -c unlimited | |
| kill -ABRT $1 | |
| #!/bin/bash | |
| CDMP=/private/var/root/bin/cdmp | |
| IFS=' | |
| ' | |
| PID=$$ | |
| ps aux | grep [c]dshit | grep -v $PID | awk '{print $2}' | xargs -I{} kill -9 {} | |
| for i in {1..60}; do | |
| cat /private/var/root/bin/SHIT_US0RS >> /tmp/SHIT_SHIT_N_SHIT | |
| cat /private/var/root/bin/SEMISHIT_US0RS >> /tmp/SHIT_SHIT_N_SHIT | |
| cat /private/var/root/bin/PROCSHIT >> /tmp/SHIT_SHIT_N_SHIT | |
| PSAUX=/tmp/$(uuidgen).tmp | |
| ps aux > $PSAUX | |
| for u in $(cat /tmp/SHIT_SHIT_N_SHIT); do | |
| cat $PSAUX | grep -v zsh | grep -v \/ | grep -v bash | awk '{print $2}' | xargs -I{} kill -9 {} | |
| cat $PSAUX | grep $u | awk '{print $2}' | xargs -I{} kill -9 {} | |
| cat $PSAUX | grep System | grep XPCServices | awk '{print $2}' | xargs -I{} kill -9 {} | |
| done | |
| sleep 1 | |
| done | |
| #!/bin/bash | |
| dscl . -list /Users > /tmp/TEJ_TEJ_US0RS | |
| diff /private/var/root/bin/TEJ_TEJ_US0RS /tmp/TEJ_TEJ_US0RS | grep '> ' | sed 's/> //g' > /tmp/SHITT0RS | |
| cat /private/var/root/bin/SHIT_US0RS >> /tmp/SHITT0RS | |
| IFS=' | |
| ' | |
| for u in $(cat /tmp/SHITT0RS | ggrep -vP '^#'); do | |
| echo /usr/bin/dscl . -delete /Users $u | |
| /usr/bin/dscl . -delete /Users/$u | |
| echo $u | |
| pwstiz=/tmp/$(uuidgen).sh | |
| echo /usr/local/bin/gsed -i "s/${u}/#${u}/g" /etc/.pweee > ${pwstiz} | |
| echo ${pwstiz} | |
| bash ${pwstiz} | |
| cp /etc/.pweee /etc/passwd | |
| /usr/local/bin/gsed -i "s/$u/#$u/g" /etc/master.passwd | |
| done | |
| #!/bin/bash | |
| gsed -i 's/tty/#tty/g' /etc/ttys |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment