Skip to content

Instantly share code, notes, and snippets.

Avatar

Sabri pwnsdx

View GitHub Profile
View disable.sh
#!/bin/bash
# IMPORTANT: Don't forget to logout from your Apple ID in the settings before running it!
# IMPORTANT: You will need to run this script from Recovery. In fact, macOS Catalina brings read-only filesystem which prevent this script from working from the main OS.
# This script needs to be run from the volume you wish to use.
# E.g. run it like this: cd /Volumes/Macintosh\ HD && sh /Volumes/Macintosh\ HD/Users/sabri/Desktop/disable.sh
# WARNING: It might disable things that you may not like. Please double check the services in the TODISABLE vars.
# Get active services: launchctl list | grep -v "\-\t0"
# Find a service: grep -lR [service] /System/Library/Launch* /Library/Launch* ~/Library/LaunchAgents
@pwnsdx
pwnsdx / nosleep.sh
Last active Jun 21, 2021
Completely disable sleep on any Mac
View nosleep.sh
# Useful to prevent Macbooks to go to sleep when closing the lid instead of running tools that requires a Kernel Extension (e.g. InsomniaX) and more
# Before doing anything, save your current configuration using
pmset -g
# To disable sleep
sudo pmset -a sleep 0; sudo pmset -a hibernatemode 0; sudo pmset -a disablesleep 1;
# And to go back to normal
sudo pmset -a sleep 1; sudo pmset -a hibernatemode [original hibernatemode value]; sudo pmset -a disablesleep 0;
@pwnsdx
pwnsdx / 62078.md
Last active Jun 21, 2021
How to finally disable this ******* Wi-Fi Sync port (62078) on iOS (testers wanted)
View 62078.md

Hi there,

Why should I disable this port?

Apple enable this port by default if you want Wi-Fi Sync. The problem is, I (and probably you) never used this so this port should not be open. Enabling this port by default is a security risk as there is always an undocumented service (lockdownd) listening on this port.

This is an non-exhaustive list of what you are exposing to if you don't close this port:

  • If an attacker get the pairing keys of your iDevice, he can dump the whole content of your device transparently as soon as he is on the same network as you (at Home, Work, in a Café, in a Fast Food etc) or if he have access to your cellular network (yes, the port is open on all interfaces including cellular) e.g. if the NSA have access to AT&T network or if DGSE have access to Orange network (which is true: http://www.france24.com/fr/20140320-dgse-renseignement-espionage-nsa-donnees-operateur-orange-snowden/ ) or even if your neighbor have set up a IMSI-Catcher.
  • It make the iOS device easily identifiab
View safari-reaper.html
<!DOCTYPE html>
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
body {
background: repeat url('data:image/jpeg;base64,/9j/4AAQSkZJRgABAQEASABIAAD/7QCIUGhvdG9zaG9wIDMuMAA4QklNBAQAAAAAAGscAVoAAxslRxwCAAACAAAcAnQAV8KpIENoYWV5b3VuZ1dpbGxOZXZlckNoYWVvbGQgLSBodHRwOi8vd3d3LnJlZGJ1YmJsZS5jb20vcGVvcGxlL0NoYWV5b3VuZ1dpbGxOZXZlckNoYWVvbAD/4gxYSUNDX1BST0ZJTEUAAQEAAAxITGlubwIQAABtbnRyUkdCIFhZWiAHzgACAAkABgAxAABhY3NwTVNGVAAAAABJRUMgc1JHQgAAAAAAAAAAAAAAAAAA9tYAAQAAAADTLUhQICAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABFjcHJ0AAABUAAAADNkZXNjAAABhAAAAGx3dHB0AAAB8AAAABRia3B0AAACBAAAABRyWFlaAAACGAAAABRnWFlaAAACLAAAABRiWFlaAAACQAAAABRkbW5kAAACVAAAAHBkbWRkAAACxAAAAIh2dWVkAAADTAAAAIZ2aWV3AAAD1AAAACRsdW1pAAAD+AAAABRtZWFzAAAEDAAAACR0ZWNoAAAEMAAAAAxyVFJDAAAEPAAACAxnVFJDAAAEPAAACAxiVFJDAAAEPAAACAx0ZXh0AAAAAENvcHlyaWdodCAoYykgMTk5OCBIZXdsZXR0LVBhY2thcmQgQ29tcGFueQAAZGVzYwAAAAAAAAASc1JHQiBJRUM2MTk2Ni0yLjEAAAAAAAAAAAAAABJzUkdCIElFQzYxOTY2LTIuMQAAAAAAAA
View firefox-reaper.html
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<title>Firefox DoS ❄️</title>
</head>
<body>
</body>
<script>
@pwnsdx
pwnsdx / uninstall_vmware.sh
Last active Jun 17, 2021 — forked from boneskull/uninstall_vmware.sh
Completely uninstall VMWare on macOS
View uninstall_vmware.sh
#!/usr/bin/env bash
# Usage: bash uninstall_vmware.bash
remove() {
entry="$1"
echo -ne "Removing $entry ["
sudo rm -rf "$entry"
if [[ ! -e "$entry" ]]; then
echo -ne "OK"
@pwnsdx
pwnsdx / disable.sh
Last active May 23, 2021
Disable bunch of #$!@ in Sierra (Version 2.1). Using Catalina? Check https://gist.github.com/pwnsdx/1217727ca57de2dd2a372afdd7a0fc21
View disable.sh
#!/bin/bash
# IMPORTANT: You will need to disable SIP aka Rootless in order to fully execute this script, you can reenable it after.
# WARNING: It might disable things that you may not like. Please double check the services in the TODISABLE vars.
# Get active services: launchctl list | grep -v "\-\t0"
# Find a service: grep -lR [service] /System/Library/Launch* /Library/Launch* ~/Library/LaunchAgents
# Agents to disable
TODISABLE=('com.apple.security.keychainsyncingoveridsproxy' 'com.apple.personad' 'com.apple.passd' 'com.apple.screensharing.MessagesAgent' 'com.apple.CommCenter-osx' 'com.apple.Maps.mapspushd' 'com.apple.Maps.pushdaemon' 'com.apple.photoanalysisd' 'com.apple.telephonyutilities.callservicesd' 'com.apple.AirPlayUIAgent' 'com.apple.AirPortBaseStationAgent' 'com.apple.CalendarAgent' 'com.apple.DictationIM' 'com.apple.iCloudUserNotifications' 'com.apple.familycircled' 'com.apple.familycontrols.useragent' 'com.apple.familynotificationd' 'com.apple.gamed' 'com.apple.icloud.findmydeviced.findmydevi
@pwnsdx
pwnsdx / gist:d127873e24cef159d4d603accaf37ee4
Last active Apr 24, 2021 — forked from tonymtz/gist:714e73ccb79e21c4fc9c
Uninstall XQuartz.app from OSX Yosemite/El Capitan/Sierra
View gist:d127873e24cef159d4d603accaf37ee4
launchctl unload /Library/LaunchAgents/org.macosforge.xquartz.startx.plist && \
sudo launchctl unload /Library/LaunchDaemons/org.macosforge.xquartz.privileged_startx.plist && \
sudo rm -rf /opt/X11* /Library/Launch*/org.macosforge.xquartz.* /Applications/Utilities/XQuartz.app /etc/*paths.d/*XQuartz && \
sudo pkgutil --forget org.macosforge.xquartz.pkg && \
rm -rf ~/.serverauth* && rm -rf ~/.Xauthorit* && rm -rf ~/.cache && rm -rf ~/.rnd && \
rm -rf ~/Library/Caches/org.macosforge.xquartz.X11 && rm -rf ~/Library/Logs/X11
@pwnsdx
pwnsdx / torrc-defaults
Last active Apr 1, 2021
Prevent Tor from connecting to Five-Eyes countries
View torrc-defaults
# Add this in the Tor config file
# Exclude Nodes of all of these countries
# Five Eyes: U.S., Australia, Canada, New Zealand, U.K. (also added France because it's becoming worst than the Five Eyes)
ExcludeNodes {fr}
ExcludeExitNodes {us},{au},{ca},{nz},{gb},{fr}
@pwnsdx
pwnsdx / ff.sh
Last active Mar 10, 2021
Multiple low severity issues in Little Flocker (<=0.3.1)
View ff.sh
# - An attacker can prevent the agent from showing the app icon (via /dev/null)
mknod /tmp/LittleFlockerTemp.png c 1 3
# - A file with a long name can hide buttons when the popup appear
touch $(printf '\r%.0s' {1..254})$(printf "\x00\x02")
nano $(printf '\r%.0s' {1..254})$(printf "\x00\x02")
# - Little Flocker does not watch every startup folders/files therefore an
# attacker can create startup items at these places (thanks Patrick Wardle):