TCC ClickJacking - A proof of concept for a clickjacking attack on macOS

Overview

TCC ClickJacking

A proof of concept for a ClickJacking attack on macOS.

Why?

TCC (Transparency, Consent, and Control) restricts and control application access to certain features. This can include things such as camera, microphone, location services, contacts, photos, Downloads/Desktop/Documents folders, and a bunch more.

The ability to bypass TCC can sometimes be the difference-maker in red team engagements. ClickJacking is a fairly simple attack that can trick most users into giving away full control over their TCC database.

Usage

  1. This was only tested on macOS Monterey, the window location would likely need adjustments on different operating systems.
  2. Clone this repository and navigate to the cloned directory.
  3. Open the Terminal app, and execute:
$: swift ./tcc-clickjacking.swift

You should now see an immovable transparent window with an "OK" button. Behind it will be the TCC consent dialog, perfectly positioned so that clicking on the visible "OK" button would give the application access to your TCC database.

Legal Disclaimer

Usage of this code for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program. Only use for educational purposes.

You might also like...
Small app that checks focus status under macOS 12
Small app that checks focus status under macOS 12

infocus What Small app for Mac Admins that checks focus status under macOS 11 and 12 and can be used to add Do Not Disturb support to management scrip

Check for suspicious processes on macOS.

pschk Check for suspicious processes on macOS. Installation $ make $ sudo make install or $ brew tap x13a/tap $ brew install x13a/tap/pschk Usage USAG

A tiny macOS utility to foster sustainable OSS

SustainableOSS SustainableOSS is a status bar app for macOS that indexes the third-party dependencies your projects depend on, sorts them by usage, an

Versions tracker for your iOS, macOS, and tvOS app

VersionTrackerSwift VersionTrackerSwift is a versions / builds tracker to know which version has been installed by a user. Usage In your ApplicationDe

Sync Slack status to macOS Monterey Focus mode
Sync Slack status to macOS Monterey Focus mode

SyncFocusWithSlack Sync Slack status to macOS Monterey Focus mode ⚠️ This app ac

Easy CBOR encoding and decoding for iOS, macOS, tvOS and watchOS.

CBORCoding CBORCoding is a lightweight framework containing a coder pair for encoding and decoding Codable conforming types to and from CBOR document

A cross-platform library of Swift utils to ease your iOS | macOS | watchOS | tvOS and Linux development.
A cross-platform library of Swift utils to ease your iOS | macOS | watchOS | tvOS and Linux development.

Mechanica A library of Swift utils to ease your iOS, macOS, watchOS, tvOS and Linux development. Requirements Documentation Installation License Contr

LanguageList for SwiftUI supporting iOS/macOS/tvOS

LanguageList for iOS, macOS and tvOS LanguageList is created and maintaned with ❥ by Sascha Muellner. What? This is a SwiftUI package with support for

The sample implementation of zip-archived document for a macOS AppKit platform.
The sample implementation of zip-archived document for a macOS AppKit platform.

The sample implementation of zip-archived document for a macOS AppKit platform. You can implement NSDocument-based I/O of archived document in your application like .sketch or .key.

Owner
BreakPoint Technologies
Rethinking from the attacker's perspective.
BreakPoint Technologies
macOS system library in Swift

SystemKit A macOS system library in Swift based off of libtop, from Apple's top implementation. For an example usage of this library, see dshb, a macO

null 323 Jan 5, 2023
A macOS application displaying the thermal, voltage and current sensor values.

Sensors About A macOS application displaying the thermal, voltage and current sensor values. License Project is released under the terms of the MIT Li

Jean-David Gadina 82 Jan 3, 2023
macOS utility for converting fat-frameworks to SPM-compatible XCFramework with arm64-simulator support

xcframework-maker macOS utility for converting fat-frameworks to SPM-compatible XCFramework with arm64-simulator support. ?? Description make-xcframew

Dariusz Rybicki 312 Dec 22, 2022
ALO sync allows you to sync resources form an ALO endpoint to your macOS file system.

ALO sync allows you to sync resources form an ALO endpoint to your macOS file system. Prerequisites macOS 11 No support for search* No suppor

Lawrence Bensaid 2 Jan 22, 2022
Simple utility to change macOS Big Sur menu bar color by appending a solid color or gradient rectangle to a wallpaper image

Change menu bar color in macOS Big Sur Simple utility to change macOS Big Sur menu bar color by appending a solid color or gradient rectangle to a wal

Igor Kulman 876 Jan 5, 2023
A set of utilities (vmcli + vmctl) for macOS Virtualization.framework

VMCLI A set of utilities to help you manage VMs with Virtualization.framework Installation Prerequisites macOS Big Sur (11+) XCode.app installed # mak

Yifan Gu 771 Dec 24, 2022
SwiftyUpdateKit is a framework for iOS and macOS.

SwiftyUpdateKit is a framework for iOS and macOS. This framework supports for a user to update your app when new app version is released on the App Store.

Hituzi Ando 4 Aug 24, 2022
This is a Swift package with support for macOS that allows to start Java Jar's with the default or a custom JVM.

Jar.swift jar runner for macos Jar.swift is created and maintaned with ❥ by Sascha Muellner. What? This is a Swift package with support for macOS that

Swift Package Repository 1 Nov 11, 2021
A simple macOS utility that can be used to control the behaviour of Bose QC35 Headphones straight from the menu bar.

bose-macos-utility A simple macOS utility that can be used to control the behaviour of Bose QC35 Headphones straight from the menu bar. Why Have you e

Łukasz Zalewski 11 Aug 26, 2022
Hermes is a Swift 5 payload for macOS.

Hermes is a Swift 5 payload for macOS. This version currently supports Mythic 2.2.8 and will update as necessary. It will not work with Mythic 2.1 and lower.

Mythic Agents 71 Dec 6, 2022