# macOS Nuttige Opdragte
Leer AWS-hacking vanaf nul tot held met htARTE (HackTricks AWS Red Team Expert)! Ander maniere om HackTricks te ondersteun: * As jy jou **maatskappy geadverteer wil sien in HackTricks** of **HackTricks in PDF wil aflaai** Kyk na die [**INSKRYWINGSPLANNE**](https://github.com/sponsors/carlospolop)! * Kry die [**amptelike PEASS & HackTricks swag**](https://peass.creator-spring.com) * Ontdek [**Die PEASS Familie**](https://opensea.io/collection/the-peass-family), ons versameling eksklusiewe [**NFTs**](https://opensea.io/collection/the-peass-family) * **Sluit aan by die** 💬 [**Discord-groep**](https://discord.gg/hRep4RUj7f) of die [**telegram-groep**](https://t.me/peass) of **volg** ons op **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.** * **Deel jou haktruuks deur PR's in te dien by die** [**HackTricks**](https://github.com/carlospolop/hacktricks) en [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github-opslag.
### MacOS Outomatiese Opsomming Gereedskap * **MacPEAS**: [https://github.com/carlospolop/PEASS-ng/tree/master/linPEAS](https://github.com/carlospolop/PEASS-ng/tree/master/linPEAS) * **Metasploit**: [https://github.com/rapid7/metasploit-framework/blob/master/modules/post/osx/gather/enum\_osx.rb](https://github.com/rapid7/metasploit-framework/blob/master/modules/post/osx/gather/enum\_osx.rb) * **SwiftBelt**: [https://github.com/cedowens/SwiftBelt](https://github.com/cedowens/SwiftBelt) ### Spesifieke MacOS Opdragte ```bash #System info date cal uptime #show time from starting w #list users whoami #this user finger username #info about user uname -a #sysinfo cat /proc/cpuinfo #processor cat /proc/meminfo #memory free #check memory df #check disk launchctl list #List services atq #List "at" tasks for the user sysctl -a #List kernel configuration diskutil list #List connected hard drives nettop #Monitor network usage of processes in top style system_profiler SPSoftwareDataType #System info system_profiler SPPrintersDataType #Printer system_profiler SPApplicationsDataType #Installed Apps system_profiler SPFrameworksDataType #Instaled framework system_profiler SPDeveloperToolsDataType #Developer tools info system_profiler SPStartupItemDataType #Startup Items system_profiler SPNetworkDataType #Network Capabilities system_profiler SPFirewallDataType #Firewall Status system_profiler SPNetworkLocationDataType #Known Network system_profiler SPBluetoothDataType #Bluetooth Info system_profiler SPEthernetDataType #Ethernet Info system_profiler SPUSBDataType #USB info system_profiler SPAirPortDataType #Airport Info #Searches mdfind password #Show all the files that contains the word password mfind -name password #List all the files containing the word password in the name #Open any app open -a --hide #Open app hidden open some.doc -a TextEdit #Open a file in one application #Computer doesn't go to sleep caffeinate & #Screenshot # This will ask for permission to the user screencapture -x /tmp/ss.jpg #Save screenshot in that file #Get clipboard info pbpaste #system_profiler system_profiler --help #This command without arguments take lot of memory and time. system_profiler -listDataTypes system_profiler SPSoftwareDataType SPNetworkDataType #Network arp -i en0 -l -a #Print the macOS device's ARP table lsof -i -P -n | grep LISTEN smbutil statshares -a #View smb shares mounted to the hard drive #networksetup - set or view network options: Proxies, FW options and more networksetup -listallnetworkservices #List network services networksetup -listallhardwareports #Hardware ports networksetup -getinfo Wi-Fi #Wi-Fi info networksetup -getautoproxyurl Wi-Fi #Get proxy URL for Wifi networksetup -getwebproxy Wi-Fi #Wifi Web proxy networksetup -getftpproxy Wi-Fi #Wifi ftp proxy #Brew brew list #List installed brew search #Search package brew info brew install brew uninstall brew cleanup #Remove older versions of installed formulae. brew cleanup #Remove older versions of specified formula. #Make the machine talk say hello -v diego #spanish: diego, Jorge, Monica #mexican: Juan, Paulina #french: Thomas, Amelie ########### High privileges actions sudo purge #purge RAM #Sharing preferences sudo launchctl load -w /System/Library/LaunchDaemons/ssh.plist (enable ssh) sudo launchctl unload /System/Library/LaunchDaemons/ssh.plist (disable ssh) #Start apache sudo apachectl (start|status|restart|stop) ##Web folder: /Library/WebServer/Documents/ #Remove DNS cache dscacheutil -flushcache sudo killall -HUP mDNSResponder ``` ### Geïnstalleerde sagteware en dienste Kyk vir **verdagte** toepassings wat geïnstalleer is en **bevoegdhede** oor die geïnstalleerde hulpbronne: ``` system_profiler SPApplicationsDataType #Installed Apps system_profiler SPFrameworksDataType #Instaled framework lsappinfo list #Installed Apps launchctl list #Services ``` ### Gebruikerprosesse ```bash # will print all the running services under that particular user domain. launchctl print gui/ # will print all the running services under root launchctl print system # will print detailed information about the specific launch agent. And if it’s not running or you’ve mistyped, you will get some output with a non-zero exit code: Could not find service “com.company.launchagent.label” in domain for login launchctl print gui//com.company.launchagent.label ``` ### Skep 'n gebruiker Sonner voorstelle
Leer AWS-hacking vanaf nul tot held met htARTE (HackTricks AWS Red Team Expert)! Ander maniere om HackTricks te ondersteun: * As jy wil sien dat jou **maatskappy geadverteer word in HackTricks** of **HackTricks aflaai in PDF-formaat** Kyk na die [**INSKRYWINGSPLANNE**](https://github.com/sponsors/carlospolop)! * Kry die [**amptelike PEASS & HackTricks swag**](https://peass.creator-spring.com) * Ontdek [**Die PEASS-familie**](https://opensea.io/collection/the-peass-family), ons versameling eksklusiewe [**NFT's**](https://opensea.io/collection/the-peass-family) * **Sluit aan by die** 💬 [**Discord-groep**](https://discord.gg/hRep4RUj7f) of die [**telegram-groep**](https://t.me/peass) of **volg** ons op **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.** * **Deel jou haktruuks deur PR's in te dien by die** [**HackTricks**](https://github.com/carlospolop/hacktricks) en [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github-opslag.