# Comandos Úteis do macOS {% hint style="success" %} Aprenda e pratique Hacking AWS: [**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)\ Aprenda e pratique Hacking GCP: [**HackTricks Training GCP Red Team Expert (GRTE)**](https://training.hacktricks.xyz/courses/grte)
Apoie o HackTricks * Verifique os [**planos de assinatura**](https://github.com/sponsors/carlospolop)! * **Junte-se ao** 💬 [**grupo Discord**](https://discord.gg/hRep4RUj7f) ou ao [**grupo telegram**](https://t.me/peass) ou **siga-nos** no **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.** * **Compartilhe truques de hacking enviando PRs para os repositórios** [**HackTricks**](https://github.com/carlospolop/hacktricks) e [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud).
{% endhint %} ### Ferramentas de Enumeração Automática do MacOS * **MacPEAS**: [https://github.com/carlospolop/PEASS-ng/tree/master/linPEAS](https://github.com/carlospolop/PEASS-ng/tree/master/linPEAS) * **Metasploit**: [https://github.com/rapid7/metasploit-framework/blob/master/modules/post/osx/gather/enum\_osx.rb](https://github.com/rapid7/metasploit-framework/blob/master/modules/post/osx/gather/enum\_osx.rb) * **SwiftBelt**: [https://github.com/cedowens/SwiftBelt](https://github.com/cedowens/SwiftBelt) ### Comandos Específicos do MacOS ```bash #System info date cal uptime #show time from starting w #list users whoami #this user finger username #info about user uname -a #sysinfo cat /proc/cpuinfo #processor cat /proc/meminfo #memory free #check memory df #check disk launchctl list #List services atq #List "at" tasks for the user sysctl -a #List kernel configuration diskutil list #List connected hard drives nettop #Monitor network usage of processes in top style system_profiler SPSoftwareDataType #System info system_profiler SPPrintersDataType #Printer system_profiler SPApplicationsDataType #Installed Apps system_profiler SPFrameworksDataType #Instaled framework system_profiler SPDeveloperToolsDataType #Developer tools info system_profiler SPStartupItemDataType #Startup Items system_profiler SPNetworkDataType #Network Capabilities system_profiler SPFirewallDataType #Firewall Status system_profiler SPNetworkLocationDataType #Known Network system_profiler SPBluetoothDataType #Bluetooth Info system_profiler SPEthernetDataType #Ethernet Info system_profiler SPUSBDataType #USB info system_profiler SPAirPortDataType #Airport Info #Searches mdfind password #Show all the files that contains the word password mfind -name password #List all the files containing the word password in the name #Open any app open -a --hide #Open app hidden open some.doc -a TextEdit #Open a file in one application #Computer doesn't go to sleep caffeinate & #Screenshot # This will ask for permission to the user screencapture -x /tmp/ss.jpg #Save screenshot in that file #Get clipboard info pbpaste #system_profiler system_profiler --help #This command without arguments take lot of memory and time. system_profiler -listDataTypes system_profiler SPSoftwareDataType SPNetworkDataType #Network arp -i en0 -l -a #Print the macOS device's ARP table lsof -i -P -n | grep LISTEN smbutil statshares -a #View smb shares mounted to the hard drive #networksetup - set or view network options: Proxies, FW options and more networksetup -listallnetworkservices #List network services networksetup -listallhardwareports #Hardware ports networksetup -getinfo Wi-Fi #Wi-Fi info networksetup -getautoproxyurl Wi-Fi #Get proxy URL for Wifi networksetup -getwebproxy Wi-Fi #Wifi Web proxy networksetup -getftpproxy Wi-Fi #Wifi ftp proxy #Brew brew list #List installed brew search #Search package brew info brew install brew uninstall brew cleanup #Remove older versions of installed formulae. brew cleanup #Remove older versions of specified formula. #Make the machine talk say hello -v diego #spanish: diego, Jorge, Monica #mexican: Juan, Paulina #french: Thomas, Amelie ########### High privileges actions sudo purge #purge RAM #Sharing preferences sudo launchctl load -w /System/Library/LaunchDaemons/ssh.plist (enable ssh) sudo launchctl unload /System/Library/LaunchDaemons/ssh.plist (disable ssh) #Start apache sudo apachectl (start|status|restart|stop) ##Web folder: /Library/WebServer/Documents/ #Remove DNS cache dscacheutil -flushcache sudo killall -HUP mDNSResponder ``` ### Software e Serviços Instalados Verifique aplicativos **suspeitos** instalados e **privilégios** sobre os recursos instalados: ``` system_profiler SPApplicationsDataType #Installed Apps system_profiler SPFrameworksDataType #Instaled framework lsappinfo list #Installed Apps launchctl list #Services ``` ### Processos do Usuário ```bash # will print all the running services under that particular user domain. launchctl print gui/ # will print all the running services under root launchctl print system # will print detailed information about the specific launch agent. And if it’s not running or you’ve mistyped, you will get some output with a non-zero exit code: Could not find service “com.company.launchagent.label” in domain for login launchctl print gui//com.company.launchagent.label ``` ### Criar um usuário Sem prompts
{% hint style="success" %} Aprenda e pratique Hacking AWS:[**Treinamento HackTricks AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)\ Aprenda e pratique Hacking GCP: [**Treinamento HackTricks GCP Red Team Expert (GRTE)**](https://training.hacktricks.xyz/courses/grte)
Apoie o HackTricks * Verifique os [**planos de assinatura**](https://github.com/sponsors/carlospolop)! * **Junte-se ao** 💬 [**grupo Discord**](https://discord.gg/hRep4RUj7f) ou ao [**grupo telegram**](https://t.me/peass) ou **siga-nos** no **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.** * **Compartilhe truques de hacking enviando PRs para os repositórios** [**HackTricks**](https://github.com/carlospolop/hacktricks) e [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud).
{% endhint %}