# Comandi Utili per macOS {% hint style="success" %} Impara e pratica l'Hacking su AWS:[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)\ Impara e pratica l'Hacking su GCP: [**HackTricks Training GCP Red Team Expert (GRTE)**](https://training.hacktricks.xyz/courses/grte)
Sostieni HackTricks * Controlla i [**piani di abbonamento**](https://github.com/sponsors/carlospolop)! * **Unisciti al** 💬 [**gruppo Discord**](https://discord.gg/hRep4RUj7f) o al [**gruppo telegram**](https://t.me/peass) o **seguici** su **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.** * **Condividi trucchi di hacking inviando PR ai** [**HackTricks**](https://github.com/carlospolop/hacktricks) e [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repository di Github.
{% endhint %} ### Strumenti di Enumerazione Automatica per macOS * **MacPEAS**: [https://github.com/carlospolop/PEASS-ng/tree/master/linPEAS](https://github.com/carlospolop/PEASS-ng/tree/master/linPEAS) * **Metasploit**: [https://github.com/rapid7/metasploit-framework/blob/master/modules/post/osx/gather/enum\_osx.rb](https://github.com/rapid7/metasploit-framework/blob/master/modules/post/osx/gather/enum\_osx.rb) * **SwiftBelt**: [https://github.com/cedowens/SwiftBelt](https://github.com/cedowens/SwiftBelt) ### Comandi Specifici per macOS ```bash #System info date cal uptime #show time from starting w #list users whoami #this user finger username #info about user uname -a #sysinfo cat /proc/cpuinfo #processor cat /proc/meminfo #memory free #check memory df #check disk launchctl list #List services atq #List "at" tasks for the user sysctl -a #List kernel configuration diskutil list #List connected hard drives nettop #Monitor network usage of processes in top style system_profiler SPSoftwareDataType #System info system_profiler SPPrintersDataType #Printer system_profiler SPApplicationsDataType #Installed Apps system_profiler SPFrameworksDataType #Instaled framework system_profiler SPDeveloperToolsDataType #Developer tools info system_profiler SPStartupItemDataType #Startup Items system_profiler SPNetworkDataType #Network Capabilities system_profiler SPFirewallDataType #Firewall Status system_profiler SPNetworkLocationDataType #Known Network system_profiler SPBluetoothDataType #Bluetooth Info system_profiler SPEthernetDataType #Ethernet Info system_profiler SPUSBDataType #USB info system_profiler SPAirPortDataType #Airport Info #Searches mdfind password #Show all the files that contains the word password mfind -name password #List all the files containing the word password in the name #Open any app open -a --hide #Open app hidden open some.doc -a TextEdit #Open a file in one application #Computer doesn't go to sleep caffeinate & #Screenshot # This will ask for permission to the user screencapture -x /tmp/ss.jpg #Save screenshot in that file #Get clipboard info pbpaste #system_profiler system_profiler --help #This command without arguments take lot of memory and time. system_profiler -listDataTypes system_profiler SPSoftwareDataType SPNetworkDataType #Network arp -i en0 -l -a #Print the macOS device's ARP table lsof -i -P -n | grep LISTEN smbutil statshares -a #View smb shares mounted to the hard drive #networksetup - set or view network options: Proxies, FW options and more networksetup -listallnetworkservices #List network services networksetup -listallhardwareports #Hardware ports networksetup -getinfo Wi-Fi #Wi-Fi info networksetup -getautoproxyurl Wi-Fi #Get proxy URL for Wifi networksetup -getwebproxy Wi-Fi #Wifi Web proxy networksetup -getftpproxy Wi-Fi #Wifi ftp proxy #Brew brew list #List installed brew search #Search package brew info brew install brew uninstall brew cleanup #Remove older versions of installed formulae. brew cleanup #Remove older versions of specified formula. #Make the machine talk say hello -v diego #spanish: diego, Jorge, Monica #mexican: Juan, Paulina #french: Thomas, Amelie ########### High privileges actions sudo purge #purge RAM #Sharing preferences sudo launchctl load -w /System/Library/LaunchDaemons/ssh.plist (enable ssh) sudo launchctl unload /System/Library/LaunchDaemons/ssh.plist (disable ssh) #Start apache sudo apachectl (start|status|restart|stop) ##Web folder: /Library/WebServer/Documents/ #Remove DNS cache dscacheutil -flushcache sudo killall -HUP mDNSResponder ``` ### Software e Servizi Installati Controlla le applicazioni **sospette** installate e i **privilegi** sulle risorse installate: ``` system_profiler SPApplicationsDataType #Installed Apps system_profiler SPFrameworksDataType #Instaled framework lsappinfo list #Installed Apps launchctl list #Services ``` ### Processi Utente ```bash # will print all the running services under that particular user domain. launchctl print gui/ # will print all the running services under root launchctl print system # will print detailed information about the specific launch agent. And if it’s not running or you’ve mistyped, you will get some output with a non-zero exit code: Could not find service “com.company.launchagent.label” in domain for login launchctl print gui//com.company.launchagent.label ``` ### Crea un utente Senza prompt
{% hint style="success" %} Impara e pratica l'hacking su AWS:[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)\ Impara e pratica l'hacking su GCP: [**HackTricks Training GCP Red Team Expert (GRTE)**](https://training.hacktricks.xyz/courses/grte)
Supporta HackTricks * Controlla i [**piani di abbonamento**](https://github.com/sponsors/carlospolop)! * **Unisciti al** 💬 [**gruppo Discord**](https://discord.gg/hRep4RUj7f) o al [**gruppo telegram**](https://t.me/peass) o **seguici** su **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.** * **Condividi trucchi di hacking inviando PR a** [**HackTricks**](https://github.com/carlospolop/hacktricks) e [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
{% endhint %}