EvilOSX is a pure python, post-exploitation, RAT (Remote Administration Tool) for macOS / OSX.

• Emulate a simple terminal instance.
• Sockets are encrypted with CSR via OpenSSL.
• No dependencies (pure python).
• Persistence.
• Retrieve Chrome passwords.
• Retrieve iCloud contacts.
• Attempt to get iCloud password via phishing.
• Show local iOS backups.
• Retrieve find my iphone devices.
• Attempt to get root via local privilege escalation (<= 10.10.5).
• Auto installer, simply run EvilOSX on the target and the rest is handled automatically.

1. Download or clone this repository.
2. Run ./BUILDER and enter the appropriate information:
   
3. Done! Upload and execute the built EvilOSX on your target (with ./EvilOSX.py).
4. Finally, start the Server (with ./Server.py) and start managing connections:
   

• OSXChromeDecrypt created by manwhoami
• MMeTokenDecrypt created by manwhoami
• iCloudContacts created by manwhoami