IMPERIAL PROJECT | OSX and UNIX Exploits

in #wikileaks, 7 years ago

Today, WikiLeaks publishes further documentation from its CIA Vault 7 leaks. This time the documents are from the agency's Imperial Project.

 


Achilles

 

  • Provides an operator the ability to trojan an OS X disk image (.dmg) installer with one or more desired operator specified executables for a one-time execution.

How do I install an application from a .dmg disk image? | Stack Exchange

Applications that are distributed on disk images (.dmg files) are designed to be installed using drag and drop. You can safely drag and drop the application from the virtual drive into your Applications folder and use it from your Applications folder. After copying it to your Applications folder it's safe to eject the virtual drive and delete the disk image file.


Aeris

 

  • An automated implant written in C that supports a number of POSIX-based systems (Debian, RHEL, Solaris, FreeBSD, CentOS). It supports automated file exfiltration, configurable beacon interval and jitter, standalone and Collide-based HTTPS LP support and SMTP protocol support - all with TLS encrypted communications with mutual authentication. It is compatible with the NOD Cryptographic Specification and provides structured command and control that is similar to that used by several Windows implants.

The Portable Operating System Interface (POSIX) is a family of standards specified by the IEEE Computer Society for maintaining compatibility between operating systems. POSIX defines the application programming interface (API), along with command line shells and utility interfaces, for software compatibility with variants of Unix and other operating systems.


SeaPea

 

  • SeaPea is an OS X Rootkit that provides stealth and tool launching capabilities. It hides files/directories, socket connections and/or processes. It runs on Mac OSX 10.6 and 10.7.

A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or areas of its software that would not otherwise be allowed (for example, to an unauthorized user) and often masks its existence or the existence of other software. The term rootkit is a concatenation of "root" (the traditional name of the privileged account on Unix-like operating systems) and the word "kit" (which refers to the software components that implement the tool). The term "rootkit" has negative connotations through its association with malware.


Is nothing safe from exploitation any more?

 


FORTIFIED


Well this one was over my head for now. No comments in this one to provide any extra insight, but hey ur awesome!

Respect. This one was probably the most confusing for me also. But it still taught me a bit of stuff.

That's good!
As long as you learn you improve. Learning is one of the most valuable aspects of existence!

