Trendshift - Ask AI

base on SeaShell Framework is an iOS post-exploitation framework that enables you to access the device remotely, control it and extract sensitive information. <h3 align="left"> <img src="seashell/data/logo.png" alt="logo" height="250px"> </h3> [![Developer](https://img.shields.io/badge/developer-EntySec-blue.svg)](https://entysec.com) [![Language](https://img.shields.io/badge/language-Python-blue.svg)](https://github.com/EntySec/SeaShell) [![Forks](https://img.shields.io/github/forks/EntySec/SeaShell?style=flat&color=green)](https://github.com/EntySec/SeaShell/forks) [![Stars](https://img.shields.io/github/stars/EntySec/SeaShell?style=flat&color=yellow)](https://github.com/EntySec/SeaShell/stargazers) [![CodeFactor](https://www.codefactor.io/repository/github/EntySec/SeaShell/badge)](https://www.codefactor.io/repository/github/EntySec/SeaShell) [SeaShell Framework](https://blog.entysec.com/2023-12-31-seashell-ios-malware/) is an iOS/macOS post-exploitation framework that enables you to access the device remotely, control it and extract sensitive information. ## Features * **Powerful Implant** - SeaShell Framework uses the advanced and powerful payload with lots of features. It is called [Pwny](https://github.com/EntySec/Pwny). You can extend it by adding your own post-exploitation modules or plugins. * **Basic Set** - SeaShell Framework comes with basic set of post-exploitation modules that may exfiltrate following user data: SMS, VoiceMail, Safari history and much more. * **Encrypted communication** - Communication between device and SeaShell is encrypted using the [TLS 1.3](https://en.wikipedia.org/wiki/Transport_Layer_Security) encryption by default. * **Regular updates** - SeaShell Framework is being actively updated, so don't hesitate and leave your [feature request](https://github.com/EntySec/SeaShell/issues/new?assignees=&labels=&projects=&template=feature_request.md&title=)! ## Installation To install SeaShell Framework you just need to type this command in your terminal: ```shell pip3 install git+https://github.com/EntySec/SeaShell ``` After this SeaShell can be started with `seashell` command. ## Updating To update SeaShell and get new commands run this: ```shell pip3 install --force-reinstall git+https://github.com/EntySec/SeaShell ``` ## Usage ### Generating IPA Simply generate custom IPA file or patch existing one and install it on target's iPhone or iPad via [TrollStore](https://trollstore.app/) or other IPA installer that bypasses CoreTrust. <p align="center"> <img width="70%" src="seashell/data/preview/ipa.svg"> </p> ### Starting listener Then you will need to start a listener on a host and port you added to your IPA. Once the installed application opens, you will receive a connection. <p align="center"> <img width="70%" src="seashell/data/preview/listen.svg"> </p> ### Accessing device Once you have received the connection, you will be able to communicate with the session through a [Pwny](https://github.com/EntySec/Pwny) interactive shell. Use `devices -i <id>` to interact and `help` to view list of all available commands. You can even extract Safari history like in the example below. <p align="center"> <img width="70%" src="seashell/data/preview/safari.svg"> </p> ## Available commands Find the map of available commands. New commands/modules being added regularly so this list might be outdated. <h3 align="center"> <img width="100%" src="seashell/data/builtins.png"> </h3> ## Covering them All A wide range of iOS versions are supported, being 14.0 beta 2 - 16.6.1, 16.7 RC, and 17.0 beta 1 - 17.0, as these versions are vulnerable to the CoreTrust bug. ## Endless Capabilities [Pwny](https://github.com/EntySec/Pwny) is a powerful implant with plenty of features including evasion, dynamic extensions and much more. It is embedded into the second phase of SeaShell Framework attack. These are all phases: * **1.** IPA file installed and opened. * **2.** Pwny is loaded through `posix_spawn()`. * **3.** Connection established and Pwny is ready to receive commands. ## Issues and Bugs SeaShell was just released and is in **BETA** stage for now. If you find a bug or some function that does not work we will be glad if you immediately submit an issue describing a problem. The more details the issue contains the faster we will be able to fix it. ## External Resources * Medium: [SeaShell: iOS 16/17 Remote Access](https://medium.com/@enty8080/seashell-ios-16-17-remote-access-41cc3366019d) * iDeviceCentral: [iOS Malware Makes TrollStore Users Vulnerable To Monitoring, File Extraction & Remote Control on iOS 14 – iOS 17](https://idevicecentral.com/news/ios-malware-makes-trollstore-users-vulnerable-to-monitoring-file-extraction-remote-control-on-ios-14-ios-17/) * TheAppleWiki: [SeaShell](https://theapplewiki.com/wiki/SeaShell) * One Jailbreak: [SeaShell Trojan Horse iOS](https://onejailbreak.com/blog/seashell-trojan-horse-ios/) ## Legal Use Note that the code and methods provided in this repository must not be used for malicious purposes and should only be used for testing and experimenting with devices **you own**. Please consider out [Terms of Service](https://github.com/EntySec/SeaShell/blob/main/TERMS_OF_SERVICE.md) before using the tool. ", Assign "at most 3 tags" to the expected json: {"id":"6885","tags":[]} "only from the tags list I provide: [{"id":77,"name":"3d"},{"id":89,"name":"agent"},{"id":17,"name":"ai"},{"id":54,"name":"algorithm"},{"id":24,"name":"api"},{"id":44,"name":"authentication"},{"id":3,"name":"aws"},{"id":27,"name":"backend"},{"id":60,"name":"benchmark"},{"id":72,"name":"best-practices"},{"id":39,"name":"bitcoin"},{"id":37,"name":"blockchain"},{"id":1,"name":"blog"},{"id":45,"name":"bundler"},{"id":58,"name":"cache"},{"id":21,"name":"chat"},{"id":49,"name":"cicd"},{"id":4,"name":"cli"},{"id":64,"name":"cloud-native"},{"id":48,"name":"cms"},{"id":61,"name":"compiler"},{"id":68,"name":"containerization"},{"id":92,"name":"crm"},{"id":34,"name":"data"},{"id":47,"name":"database"},{"id":8,"name":"declarative-gui "},{"id":9,"name":"deploy-tool"},{"id":53,"name":"desktop-app"},{"id":6,"name":"dev-exp-lib"},{"id":59,"name":"dev-tool"},{"id":13,"name":"ecommerce"},{"id":26,"name":"editor"},{"id":66,"name":"emulator"},{"id":62,"name":"filesystem"},{"id":80,"name":"finance"},{"id":15,"name":"firmware"},{"id":73,"name":"for-fun"},{"id":2,"name":"framework"},{"id":11,"name":"frontend"},{"id":22,"name":"game"},{"id":81,"name":"game-engine "},{"id":23,"name":"graphql"},{"id":84,"name":"gui"},{"id":91,"name":"http"},{"id":5,"name":"http-client"},{"id":51,"name":"iac"},{"id":30,"name":"ide"},{"id":78,"name":"iot"},{"id":40,"name":"json"},{"id":83,"name":"julian"},{"id":38,"name":"k8s"},{"id":31,"name":"language"},{"id":10,"name":"learning-resource"},{"id":33,"name":"lib"},{"id":41,"name":"linter"},{"id":28,"name":"lms"},{"id":16,"name":"logging"},{"id":76,"name":"low-code"},{"id":90,"name":"message-queue"},{"id":42,"name":"mobile-app"},{"id":18,"name":"monitoring"},{"id":36,"name":"networking"},{"id":7,"name":"node-version"},{"id":55,"name":"nosql"},{"id":57,"name":"observability"},{"id":46,"name":"orm"},{"id":52,"name":"os"},{"id":14,"name":"parser"},{"id":74,"name":"react"},{"id":82,"name":"real-time"},{"id":56,"name":"robot"},{"id":65,"name":"runtime"},{"id":32,"name":"sdk"},{"id":71,"name":"search"},{"id":63,"name":"secrets"},{"id":25,"name":"security"},{"id":85,"name":"server"},{"id":86,"name":"serverless"},{"id":70,"name":"storage"},{"id":75,"name":"system-design"},{"id":79,"name":"terminal"},{"id":29,"name":"testing"},{"id":12,"name":"ui"},{"id":50,"name":"ux"},{"id":88,"name":"video"},{"id":20,"name":"web-app"},{"id":35,"name":"web-server"},{"id":43,"name":"webassembly"},{"id":69,"name":"workflow"},{"id":87,"name":"yaml"}]" returns me the "expected json"

AI prompts

AI prompts