Add launch-agent for macos

persistence/macos/launch-agent-persistence/README.md

@@ -0,0 +1,40 @@
+# macOS Launch Agent Persistence
+
+Create and manage a launch agent on macOS, allowing for persistent execution of a
+given script or command. The launch agent will execute the specified script or
+command each time the system reboots or the user logs in.
+
+## Arguments
+
+- **command_or_path**: This argument specifies the path to the script or a bash
+  command to be run by the launch agent.
+
+- **cleanup**: When set to true, it will remove the launch agent plist file and
+  any related scripts, undoing the persistence setup.
+
+## Pre-requisites
+
+Ensure that you have the necessary permissions to create files in the user's
+`~/Library/LaunchAgents` directory and execute the specified script or command.
+
+## Examples
+
+Set up launch agent persistence with a specific script. The agent will execute
+the script every time the system reboots or the user logs in. If cleanup is set
+to true, the launch agent and related files will be removed after 3 minutes:
+
+```bash
+ttpforge -c config.yaml \
+    run ttps/persistence/macos/launch-agent-persistence/launch-agent-persistence.yaml \
+    --arg command_or_path="/Users/Shared/scarybackdoor.sh" \
+    --arg cleanup=true
+```
+
+Alternatively, you can use a direct bash command:
+
+```bash
+ttpforge -c config.yaml \
+    run ttps/persistence/macos/launch-agent-persistence/launch-agent-persistence.yaml \
+    --arg command_or_path="bash -c echo Oh uh" \
+    --arg cleanup=true
+```

persistence/macos/launch-agent-persistence/launch-agent-persistence.yaml

@@ -0,0 +1,42 @@
+---
+name: macOS Launch Agent persistence.
+description: |
+  Simple TTP to setup and load launch agent persistence on macOS.
+args:
+  - name: cleanup
+  - name: command_or_path
+
+steps:
+  - name: launchagent
+    inline: |
+      command_or_path="{{args.command_or_path}}"
+      echo "===> Creating ~/Library/LaunchAgents if it does not already exist..."
+      mkdir -p /Users/$USER/Library/LaunchAgents
+      echo "===> Writing plist to ~/Library/LaunchAgents/com.ttpforge.plist"
+
+      cat <<EOF > ~/Library/LaunchAgents/com.ttpforge.plist
+      <?xml version="1.0" encoding="UTF-8"?>
+      <!DOCTYPE plist PUBLIC "-//Apple/DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+      <plist version="1.0">
+      <dict>
+        <key>Label</key>
+        <string>com.ttpforge.plist</string>
+        <key>ProgramArguments</key>
+        <array>
+          <string>bash</string>
+          <string>-c</string>
+          <string>$command_or_path</string>
+        </array>
+        <key>KeepAlive</key>
+        <true/>
+      </dict>
+      </plist>
+      EOF
+
+      echo "===> Persistence done. ~/Library/LaunchAgents/com.ttpforge.plist dropped which executes $command_or_path. Persistence will be loaded on next reboot."
+
+    cleanup:
+      inline: |
+        if [[ "{{args.cleanup}}" == "true" ]]; then
+            rm -rf ~/Library/LaunchAgents/com.ttpforge.plist /tmp/launchagent-*
+        fi