Gmail会话,Facebook私人消息和个人照片都可以由具有后门访问目标Mac的黑客查看。 通过对桌面进行直播或透露屏幕截图,此信息可用于敲诈勒索和针对性的社交工程攻击,从而进一步破坏。
实时流式传输Mac的整个桌面可能不是每个信息收集场景的理想选择。 流式视频的一个主要缺点是高CPU消耗。 如果您以高帧速率进行流式传输,MacBook CPU将会升温,这可能会导致目标变得可疑。 流式传输还需要额外的第三方软件才能运行。 该软件可能被防病毒软件或目标本身检测到。
屏幕截图是一种更安静的直播方式。 安静,我的意思是,在网络上产生最小的流量并降低CPU使用率。 毕竟,当我们流式传输目标桌面时监视网络流量的人可能会注意到从设备传输的恶意数据。
使用命令行工具Screencapture Screencapture是内置于macOS(以前的Mac OS X)中的命令行工具,它能够捕获整个macOS桌面的屏幕截图。要查看可用的screencapture选项和参数,请使用man命令访问该手册。
SCREENCAPTURE(1) BSD General Commands Manual SCREENCAPTURE(1) NAME screencapture -- capture images from the screen and save them to a file or the clipboard SYNOPSIS screencapture [-SWCTMPcimswxto] file DESCRIPTION The screencapture utility is not very well documented to date. A list of options follows. -c Force screen capture to go to the clipboard. -C Capture the cursor as well as the screen. Only allowed in non- interactive modes. -i Capture screen interactively, by selection or window. The con- trol key will cause the screen shot to go to the clipboard. The space key will toggle between mouse selection and window selec- tion modes. The escape key will cancel the interactive screen shot. -m Only capture the main monitor, undefined if -i is set. -M Open the taken picture in a new Mail message. -o In window capture mode, do not capture the shadow of the window. -P Open the taken picture in a Preview window. -s Only allow mouse selection mode. -S In window capture mode, capture the screen instead of the window. -t <format> Image format to create, default is png (other options include pdf, jpg, tiff and other formats). -T <seconds> Take the picture after a delay of <seconds>, default is 5. -w Only allow window selection mode. -W Start interaction in window selection mode. -x Do not play sounds. -a Do not capture attached windows. -r Do not add screen dpi meta data to captured file. -b capture Touch Bar, only works in non-interactive modes. files where to save the screen capture, 1 file per screen BUGS Better documentation is needed for this utility. SECURITY CONSIDERATIONS To capture screen content while logged in via ssh, you must launch screencapture in the same mach bootstrap hierarchy as loginwindow: PID=pid of loginwindow sudo launchctl bsexec $PID screencapture [options] HISTORY A screencapture utility first appeared in Mac OS X v10.2. Mac OS June 16, 2004 Mac OS更多内容,参阅https://via-dean.com
