New link in the top of page "IRC Chat".
Register | Login
Views: 135606716
Main | Memberlist | Active users | Calendar | Last Posts | IRC Chat | Online users
Ranks | FAQ | XPW | Stats | Color Chart | Photo album
11-23-24 01:56 PM
0 users currently in Tech Discussion.
Xeogaming Forums - Tech Discussion - Mac Hacked | |
Next newer thread | Next older thread
User Post
01001000
Slow Ride
Take It Easy









Since: 01-10-05

Since last post: 6528 days
Last activity: 5878 days
Posted on 03-06-06 04:59 PM Link | Quote
Mac Server hacked

I've always had debates with fellow classmates who believe that mac computers are more secure than that of linux/unix and windows. I've always given the good argument that Mac's are not worth hacking into due to their low popularity and that is why so few viruses effect mac's. And the everyday person who uses a mac who feels "safe" is just lulled into a false sense of security.

Finally, another article to push my debate farther and prove to those classmates that mac is not immune to viruses, spyware, or hackers.



Mac OS X hacked under 30 minutes

By Munir Kotadia, ZDNet Australia
06 March 2006 01:58 PM

update Gaining root access to a Mac is "easy pickings," according to an individual who won an OS X hacking challenge last month by gaining root control of a machine using an unpublished security vulnerability.

On February 22, a Sweden-based Mac enthusiast set his Mac Mini as a server and invited hackers to break through the computer's security and gain root control, which would allow the attacker to take charge of the computer and delete files and folders or install applications.

Within hours of going live, the "rm-my-mac" competition was over. The challenger posted this message on his Web site: "This sucks. Six hours later this poor little Mac was owned and this page got defaced".

The hacker that won the challenge, who asked ZDNet Australia to identify him only as "gwerdna", said he gained root control of the Mac in less than 30 minutes.

"It probably took about 20 or 30 minutes to get root on the box. Initially I tried looking around the box for certain mis-configurations and other obvious things but then I decided to use some unpublished exploits -- of which there are a lot for Mac OS X," gwerdna told ZDNet Australia .

According to gwerdna, the hacked Mac could have been better protected, but it would not have stopped him because he exploited a vulnerability that has not yet been made public or patched by Apple.

"The rm-my-mac challenge was setup similar to how you would have a Mac acting as a server -- with various remote services running and local access to users… There are various Mac OS X hardening guides out there that could have been used to harden the machine, however, it wouldn't have stopped the vulnerability I used to gain access.

"There are only limited things you can do with unknown and unpublished vulnerabilities. One is to use additional hardening patches -- good examples for Linux are the PaX patch and the grsecurity patches. They provide numerous hardening options on the system, and implement non-executable memory, which prevent memory based corruption exploits," said gwerdna.

Gwerdna concluded that OS X contains "easy pickings" when it comes to vulnerabilities that could allow hackers to break into Apple's operating system.

"Mac OS X is easy pickings for bug finders. That said, it doesn't have the market share to really interest most serious bug finders," added gwerdna.

Apple's OS X has come under fire in recent weeks with the appearance of two viruses and a number of serious security flaws, which have since been patched by the Mac maker.

In January, security researcher Neil Archibald, who has already been credited with finding numerous vulnerabilities in OS X, told ZDNet Australia that he knows of numerous security vulnerabilities in Apple's operating system that could be exploited by attackers.

"The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower than that of Microsoft Windows or the more common UNIX platforms.… If this situation was to change, in my opinion, things could be a lot worse on Mac OS X than they currently are on other operating systems," said Archibald at the time.

An Apple Australia spokeswoman said today it was unable to comment at this stage.




(Last edited by HoboConductor on 03-06-06 07:59 PM)
Bitmap

#1 Enhancement Shaman US Ravenholdt








Since: 09-05-04
From: His Laughin' Place

Since last post: 4558 days
Last activity: 4552 days
Posted on 03-06-06 06:29 PM Link | Quote
I always loathed macs for another reason...

Wondows will perform an illegal operation and will shut down...not exactly telling you what you did...( Thanks to Pro version, you can send the error to the windows database and will give you solutions )

Mac will just fuck up, close the application, and will say its an "error"...Gayness

And after reading this article, This is another reason why I hate Macs...
Jin

Posting Pig
Not Dead








Since: 01-12-05
From: Nowhere

Since last post: 2682 days
Last activity: 2542 days
Posted on 03-07-06 12:27 PM Link | Quote
*Jin sighs

As a Mac and FreeBSD user I groan in disgust that people are so stupid to think this was a "real world test".

The Mac was fondled with locally.. it was set up to run SSH insecurely which is something most Mac users will never even enable. And if it is, it's set up securely by DEFAULT.

So what they did was set this mac up.. outside the factory default to be insecure. And hacked it.

WOW, Who would've thought you could do that?!?! LOZL OMGHG FUCK MAX..

Seriously. Out of the box, and on most user's desktops. It's almost entirely safe. This article is utter and complete FUD.
01001000
Slow Ride
Take It Easy









Since: 01-10-05

Since last post: 6528 days
Last activity: 5878 days
Posted on 03-07-06 02:18 PM Link | Quote
Originally posted by Jin
*Jin sighs

As a Mac and FreeBSD user I groan in disgust that people are so stupid to think this was a "real world test".

The Mac was fondled with locally.. it was set up to run SSH insecurely which is something most Mac users will never even enable. And if it is, it's set up securely by DEFAULT.

So what they did was set this mac up.. outside the factory default to be insecure. And hacked it.

WOW, Who would've thought you could do that?!?! LOZL OMGHG FUCK MAX..

Seriously. Out of the box, and on most user's desktops. It's almost entirely safe. This article is utter and complete FUD.



If I had known, I would not have posted the article
Jin

Posting Pig
Not Dead








Since: 01-12-05
From: Nowhere

Since last post: 2682 days
Last activity: 2542 days
Posted on 03-07-06 03:48 PM Link | Quote
It's fine, I'm not blaming you for posting the story. I blame the people who set this up.

Not only that, the guy went to the lengths of making SSH accounts for EVERYONE participating to use. Once you're on the machine, the game is over. Heh. Obviously..

This has gotten such a backlash that the university of wisconcin has set up a +real+ challenge.. and the mac has been standing strong for about 13 hours so far.

30 minutes? Yeah right.. in hell!
Bitmap

#1 Enhancement Shaman US Ravenholdt








Since: 09-05-04
From: His Laughin' Place

Since last post: 4558 days
Last activity: 4552 days
Posted on 03-07-06 05:01 PM Link | Quote
I will admit something I do like about the mac...Old people can use it nowadays...

I mean, the two most used computers out there are IBM (Windows software) and MAC computers...usually, companies favor mac for a good reason, its easy to use, and fixing it is 80% of the time by restarting it...

I dont like Both Windows or Mac, I like teh Penguin...

(Lynux) (SP)?
01001000
Slow Ride
Take It Easy









Since: 01-10-05

Since last post: 6528 days
Last activity: 5878 days
Posted on 03-07-06 05:58 PM Link | Quote
Linux, after its creator Linus...

I don't think you use Linux if you don't know how to spell its name
Bitmap

#1 Enhancement Shaman US Ravenholdt








Since: 09-05-04
From: His Laughin' Place

Since last post: 4558 days
Last activity: 4552 days
Posted on 03-07-06 06:27 PM Link | Quote
Originally posted by HoboConductor
Linux, after its creator Linus...

I don't think you use Linux if you don't know how to spell its name


Yeah Im forever shamed to hell and back....Im tierd, School is freaking hard, I upgraded my PC, grandmother is back from hospital...Ive been having alot of Typo viruses lately....

But in all honesty, Ill use Windows....I loathe Mac...Period
Jin

Posting Pig
Not Dead








Since: 01-12-05
From: Nowhere

Since last post: 2682 days
Last activity: 2542 days
Posted on 03-09-06 04:12 PM Link | Quote
Well the Mac challlenge went on for 30 hours.. it remained un-hacked.

Just proves what propaganda bullshit the story was.
Next newer thread | Next older thread
Xeogaming Forums - Tech Discussion - Mac Hacked |



xeogaming.org

AcmlmBoard 1.92++ r4 Baseline
?2000-2013 Acmlm, Emuz, Blades, Xkeeper, DarkSlaya*, Lord Alexandor*
*Unofficial Updates
Page rendered in 0.153 seconds.
0.029