You’ve completed your recon, and found that your target is using MacOS… what next? With the increased popularity of MacOS in the enterprise, we are often finding that having phishing payloads targeting only Microsoft Windows endpoints is not enough during a typical engagement.
With this in mind, I wanted to find an effective method of landing a stager on a MacOS system during a phishing campaign. In this walkthrough, I will show one possible way we can go about gaining a foothold by leveraging Microsoft Office on MacOS, and present a method of escaping the MacOS sandbox that we find ourselves trapped inside of.
Read the full post over on MDSec's blog here.