ht-2012-002-FakeOSX/info.yaml
version: 20140930
id: HT-2012-002
name: Executable Document
category: :social
output: zip
format:
- pdf
- jpg
- rtf
platform: osx
exec: ruby fakedoc.rb "%AGENT%" "%OUTPUT%" "%FILENAME%" "%FILE%" %COMBO%
embed: true
params:
file: Document
combo:
- .PDF|pdf
- .RTF|rtf
- .JPG|jpg
description: "<br><b>Output:</b> APP file<br><br><b>Note:</b> The resulting APP file pretends to be the selected document.<br>This attack is effective if the target system is configured to not show file-extensions.<br><br><b>Platform:</b> OSX<br><br><b>Tested with:</b><br>OSX 10.5.x/10.6.x/10.7.x"