My new module for metasploit which was submitted today has two great advantages. Firstly, it gives you the ability to download all messages from an OSX machine which by default syncs with the users iPhone and includes SMS messages. Secondly, the LATEST action gives you the ability to grab the latest messages in an easy to read format - particularly useful for 2 factor authentication(2FA).
While I was looking at OSX’s Messages for another project I found out that all message data is stored in a simple SQLite3 database format in the users library. Below is the command line to open this file and a SQL query to read the messages in a nicer format.
This has been packaged up to make it easier to use in the metasploit module post/osx/gather/enum_messages.
Pull request for metasploit.