1

I would like to connect to my Macbook through a reverse shell to be able to delete data remotely.

It will have an internet connection through WLAN
The hard drive will not be removed from the computer
It has to be done silently (no Windows, no tray icons), preferably while the lid is closed.
I might encrypt the hard drive. Encrypting the data would be useless since the people I'm trying to hide it from can just ask me to enter the password and I would have to do so.

I know it's not an easy task, but please help me with solutions to different parts of the problem. I can program some parts myself if needed. I just don't know where to start.

studiohack
  • 13,477
Drathier
  • 1,462

2 Answers2

3

Check out TrueCrypt, http://www.truecrypt.org/ specifically the section on "plausible deniability" and "Hidden volumes" where a steganographically hidden, encrypted volume is hidden withing another encrypted volume... http://www.truecrypt.org/hiddenvolume sounds similar to the situation you are describing

mvario
  • 251
1

If the lid is closed and you didn't configure it otherwise the machine is asleep and can not be remotely connected to. If you configured Wake-on-LAN AND you are on the same network you can wake the machine via a "magic packet" even when the lid is closed.

Remote access also needs to be set up ahead of time, so if they already have the device and you haven't set up Remote Login or something similar you are out of luck.

However, if you have SSH access you can delete the files from the command line and then shred the free space on the drive to prevent recovery. SSH access is (more or less) invisible to the person looking at the machine. Search for "secure delete command line mac" for details on performing the data wipe.

If you only have remote desktop access then you can perform the same operations but they will be visible to anyone looking at the screen.

Chris Nava
  • 7,258