Working Around Anti-Pasting in Mac OS X
Ever come across an input field that didn't allow you to paste? It get's quite frustrating doesn't it; especially if you're stuck typing out a 50 character randomly generated password. I come across this problem a lot when I'm pen-testing and nothing frustrates me more than when you're in the middle of breaking something apart and you come across an input field or application that doesn't allow pastes.
I decided to look into how to copy-and-"paste" using keyboard emulation on Mac OS X. After a bit of research on the Apple Developer website, I discovered that the System Events agent in Mac OS X can do just that with the help of AppleScript. The System Events agent provides a bridge between AppleScript and various parts of the OS including the GUI, power management, network preferences, and more.
After just five minutes of tinkering I came up with this script for my Automator application:
on run {input, parameters}
delay 3 # 1
tell application "Finder" # 2
set theData to (the clipboard as text)
end tell
tell application "System Events" # 3
set frontApp to first application process whose frontmost is true
end tell
activate frontApp
repeat with theCharacter in the characters of theData # 4
tell application "System Events" to keystroke theCharacter
end repeat
return theData
end run
How does it work? The code is pretty straightforward:
- Wait for three seconds - just in case you need to select the destination field again.
- Copy the data from the system clipboard into a variable called
theData - Activate the front-most application - this is necessary to regain focus on the application you wish to "paste" to since we lost focus when opening our Automator app.
- For every character in
theDataemit a keystroke.
Now let's package that up as an app.
Building Your Automator App
Open up /Applications/Automator.app; you should see an open file dialog. Click on the New Document button in the bottom left-hand corner.
Automator will now prompt for the type of document you wish to create. Select Application and click the Choose button in the bottom right-hand corner.
You'll now be presented with the Automator workflow editor. In the search box type in applescript. You should now see a Run AppleScript action which you can then click and drag into the right pane.
Copy-and-paste the script above into the Run AppleScript text area and save your Automator app (Cmd-S) as KeyStroker (or whatever you like). Make sure you select Application as the File Format when you save your app otherwise you won't be able to launch your script as an app.
You should now have a new application in your /Applications folder called KeyStroker.app.
Usage
In order to copy-and-"paste" into a field, the first thing you need to do is copy a piece of text, of course. Then navigate to the application and select the input field you wish to paste to. Once there, run your Automator pasting app using the Cmd-Space shortcut, et voila! Your clipboard data gets typed into the field as though you were typing it on the keyboard yourself! Here's a demo video:
Conclusion
We demonstrated keystroke emulation and GUI interaction using AppleScript which can be useful for other scenarios (maybe to write a two-stage Rubber Ducky payload?). This allowed us to work around anti-pasting techniques used by third-party websites or applications. Finally, we demonstrated how to package up our AppleScripts into an app using Automator.
Hopefully, this will come in handy on your pen-tests or regular day-to-day pasting activities and I hope you enjoyed this blog post. Cheers!