Author Topic: OS X hacks  (Read 3311 times)

0 Members and 1 Guest are viewing this topic.

Offline Ender

  • x86
  • Hero Member
  • *****
  • Posts: 2398
    • View Profile
OS X hacks
« on: February 10, 2010, 01:05:52 AM »
anyone have some?

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17928
  • Fnord.
    • View Profile
    • SkullSecurity
Re: OS X hacks
« Reply #1 on: February 10, 2010, 10:19:37 AM »
You'll have to be a lot more specific, but I suggest looking at:
1) Metasploit
2) The social engineering toolkit 0.4 (part of Backtrack Linux)

They sort of work together. The social engineering toolkit is designed to trick people into running a malicious java applet. The applet runs a Metasploit payload that gives the attacker full access to the system, then forwards them to a safe page.

Metasploit also has some OS X exploits built in:
   osx/afp/loginext                                               average    AppleFileServer LoginExt PathName Overflow
   osx/arkeia/type77                                              average    Arkeia Backup Client Type 77 Overflow (Mac OS X)
   osx/armle/safari_libtiff                                       good       iPhone MobileSafari LibTIFF Buffer Overflow
   osx/browser/safari_libtiff                                     good       iPhone MobileSafari LibTIFF Buffer Overflow
   osx/browser/safari_metadata_archive                            excellent  Safari Archive Metadata Command Execution
   osx/browser/software_update                                    excellent  Apple OS X Software Update Command Execution
   osx/email/mailapp_image_exec                                   excellent Image Attachment Command Execution
   osx/email/mobilemail_libtiff                                   good       iPhone MobileMail LibTIFF Buffer Overflow
   osx/ftp/webstar_ftp_user                                       average    WebSTAR FTP Server USER Overflow
   osx/mdns/upnp_location                                         average    Mac OS X mDNSResponder UPnP Location Overflow
   osx/rtsp/quicktime_rtsp_content_type                           average    MacOS X QuickTime RTSP Content-Type Overflow
   osx/samba/lsa_transnames_heap                                  average    Samba lsa_io_trans_names Heap Overflow
   osx/samba/trans2open                                           great      Samba trans2open Overflow (Mac OS X)

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10326
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: OS X hacks
« Reply #2 on: February 10, 2010, 06:21:59 PM »
Unless of course you meant hacks as in modifications, in which case I suggest obtaining a copy of "Mac OS X Snow Leopard - The Missing Manual".
I'd personally do as Joe suggests

You might be right about that, Joe.