October 23rd, 2014

mac-ownability

According to the guy that cracked into the contest system “rm-my-box” in sub-30 Minutes, there are still lots of unpublished exploits left in Mac OS X. The host didn’t seem to set the bar too high though, he actually gave out accounts on the system to start with. I’d have to believe that there are tons of SUID binaries there since it comes with root disabled by default.
In related mac-insecurity gossip and stories, the host of the “rm-my-box” challenge alleges that this story about a security researcher getting owned though a Mac at Shmoocon was about Raven Adler. Can anyone confirm or deny? Entertaining nonetheless.

Leave a Response

Imhotep theme designed by Chris Lin. Proudly powered by Wordpress.
XHTML | CSS | RSS | Comments RSS