| Forum Home | ||||
| PC World Chat | ||||
| Thread ID: 66802 | 2006-03-07 19:04:00 | MAC Hacked in 30 Minutes | pctek (84) | PC World Chat |
| Post ID | Timestamp | Content | User | ||
| 436451 | 2006-03-07 19:04:00 | Mac OS X hacked in under 30 minutes By Munir Kotadia Special to CNET News.com Published: March 6, 2006, 11:17 AM PST TalkBack E-mail Print Gaining root access to a Mac is "easy pickings," according to an individual who won an OS X hacking challenge last month by gaining root control of a machine using an unpublished security vulnerability. On Feb. 22, a Sweden-based Mac enthusiast set up his Mac Mini as a server and invited hackers to break through the computer's security and gain root control, which would allow the attacker to take charge of the computer and delete files and folders or install applications. Within hours of going live, the "rm-my-mac" competition was over. The challenger posted this message on his Web site: "This sucks. Six hours later this poor little Mac was owned and this page got defaced." The hacker who won the challenge, who asked ZDNet Australia to identify him only as "gwerdna," said he gained root control of the Mac in less than 30 minutes. "It probably took about 20 or 30 minutes to get root on the box. Initially I tried looking around the box for certain misconfigurations and other obvious things but then I decided to use some unpublished exploits--of which there are a lot for Mac OS X," gwerdna told ZDNet Australia. According to gwerdna, the hacked Mac could have been better protected, but it would not have stopped him because he exploited a vulnerability that has not yet been made public or patched by Apple. "The rm-my-mac challenge was setup similar to how you would have a Mac acting as a server--with various remote services running and local access to users… There are various Mac OS X hardening guides out there that could have been used to harden the machine, however, it wouldn't have stopped the vulnerability I used to gain access. "There are only limited things you can do with unknown and unpublished vulnerabilities. One is to use additional hardening patches--good examples for Linux are the PaX patch and the grsecurity patches. They provide numerous hardening options on the system, and implement non-executable memory, which prevent memory based corruption exploits," gwerdna said. Gwerdna concluded that OS X contains "easy pickings" when it comes to vulnerabilities that could allow hackers to break into Apple's operating system. "Mac OS X is easy pickings for bug finders. That said, it doesn't have the market share to really interest most serious bug finders," gwerdna added. Apple's OS X has come under fire in recent weeks with the appearance of two viruses and a number of serious security flaws, which have since been patched by the Mac maker. In January, security researcher Neil Archibald, who has already been credited with finding numerous vulnerabilities in OS X, told ZDNet Australia that he knows of numerous security vulnerabilities in Apple's operating system that could be exploited by attackers. "The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower than that of Microsoft Windows or the more common UNIX platforms...If this situation was to change, in my opinion, things could be a lot worse on Mac OS X than they currently are on other operating systems," said Archibald at the time. An Apple Australia representative said Monday the company was unable to comment at this stage. Apple in the U.S. could not be reached for comment. Munir Kotadia of ZDNet Australia reported from Sydney. |
pctek (84) | ||
| 436452 | 2006-03-07 19:20:00 | Wow, must be quite a smart person this Gwerdna. 30 minutes isn't very long at all. | mejobloggs (264) | ||
| 436453 | 2006-03-07 20:00:00 | try reading the following link (http://test.doit.wisc.edu/) your article does not give the full details ;) |
plod (107) | ||
| 436454 | 2006-03-07 20:31:00 | The CNET article has now been updated with the following. Clarification: The story has been updated to clarify that participants were given local client access to the target computer. |
Safari (3993) | ||
| 436455 | 2006-03-07 21:04:00 | Give me local cleint access plus a good axe and I guarantee to hack any computer known to man in 2 minutes or less .... | Biggles (121) | ||
| 436456 | 2006-03-07 21:06:00 | So the cnet article is a pile of poo | plod (107) | ||
| 436457 | 2006-03-07 21:16:00 | Cnet seem to have a Mac agenda, Blowing every little scrap of supossed Mac security breach way out of proportion, Hell, I display my bias like a beacon, But even I consider the Mac security articles on Cnet a disgrace. | Metla (12) | ||
| 436458 | 2006-03-07 22:06:00 | So the cnet article is a pile of poo *start rant* That it is, but local privilage escalation is still a *big* problem. Especially seeing as most people who dismissed the safari exploit did so because "it only runs as a user". Between the two exploits you have a website you can visit, and gain root access on a mac. After that... well whatever you want to do. Personaly I think people who play down security holes (not that you are doing this plod) are stupid beyond words. *stop rant* Sorry about that.. the rant was mostly inspired by comments seen elsewhere. I'm confused as to why people don't take these things more seriously. -Qyiet |
qyiet (6730) | ||
| 436459 | 2006-03-07 23:50:00 | I will take things seriously when the exploits are being told by credible people, not companys trying to sell AV software or news sites that only write quarter of a story. | plod (107) | ||
| 436460 | 2006-03-08 00:11:00 | Macs are as full of holes as Swiss cheese. :thumbs: |
Greg (193) | ||
| 1 2 | |||||