hdiutil
hdiutil manipulates disk images such as DMG and ISO files. You can mount, unmount, create, resize and verify disk images. Including encrypted images.
Author: Mark Morowczynsk (@markmorow) Created: 2023-05-21
Paths
/usr/bin/hdiutil Example Use Cases
Mount a malicious dmg file
Uses hdiutil to mount a malicious dmg file to the system.
hdiutil mount malicious.dmgMount a malicious dmg file
Uses hdiutil to mount a malicious dmg file to the system.
hdiutil attach malicious.dmgMount a malicious iso file
Uses hdiutil to mount a malicious iso file to the system.
hdiutil mount malicious.isoMount a malicious iso file
Uses hdiutil to mount a malicious iso file to the system.
hdiutil attach malicious.isoExfiltrate data in dmg file
Uses hdiutil to create a dmg file to store exfiltrate data
hdiutil create -volname "Volume Name" -srcfolder /path/to/folder -ov diskimage.dmgExfiltrate data in encrypted dmg file
Uses hdiutil to create a dmg file to store exfiltrate data
hdiutil create -encryption -stdinpass -volname "Volume Name" -srcfolder /path/to/folder -ov encrypteddiskimage.dmg