Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Article has changed' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Article has changed
Authored by: Mad Hatter on Jul 08, '02 04:23:19PM

I downloaded the text early today when I read about this exploit on MacInTouch. In the interim it has now removed some of the more serious how-tos and such regarding spoofing and impersonating.

You end up downloading what you think is an Apple Security update for sshd for instance, and a backdoor is installed. You're hacked, your machine can be used as a zombie, or to stage a DoS attack. It allows someone who knows about the hack to login to anyone - and it doesn't show up!

I was troubled to see this depth and the tools to 'demonstrate' this exploit published. I think he went too far. Maybe CERT and Apple were notified and didn't take action or take it as a real threat in "reasonable' time frame.

I hope some of the security packages that do more than basic firewall will or already do help block or log and alert on such an attempt.



[ Reply to This | # ]
Article has changed - NOT!
Authored by: Mad Hatter on Jul 08, '02 04:59:05PM

I just checked and there are TWO versions of the exploit, the one linked to in the article on MACOSXHINTS ( http://www.cunap.com/~hardingr/projects/osx/ )and the link from the mention on MacInTouch which has a more detailed descrption. ( http://www.cunap.com/~hardingr/projects/osx/exploit.html )

I only read the exploit this morning, and OS X Hints links to another page that has a link to "exploits" page.

Sorry.



[ Reply to This | # ]
Why shouldn't he demonstrate the exploit?
Authored by: Moo0 on Jul 09, '02 02:20:35AM

It's quite common for security holes to be demonstrated, even if it is to show you how simple it can be done. Don't feel threatened by the fact that a 'step-by-step' tutorial is given. I would have come up with more or less the same procedure.



[ Reply to This | # ]
Why shouldn't he demonstrate the exploit?
Authored by: chbrosso on Jul 09, '02 09:08:36AM
The exploit is demonstrated here

[ Reply to This | # ]