
OSX maybe not so safe as everbody thinks today


wow

39 posts in this topic


Hm it seems some hackers are gone show us 1 exploit each day for 1 month!!!!

If all exploits are suitable to take over an Anpple computer then Houstan has a problem. The exploits are new and not shown to apple before publishing, so Apple had no time to create bugfixes..................

 

 

-----------------------------------------------------------------------------------------------------------------

from Macworld:

 

'Month of Apple Bugs' begins with QuickTime exploit

 

By Peter Cohen

 

“LMH” and Kevin Finisterre have begun the Month of Apple Bugs, a self-described initiative to “improve Mac OS X” by “finding security flaws in different Apple software and third-party applications designed for” Mac OS X. The initiative kicks off with a description of a flaw that affects QuickTime 7.1.3.

 

Tagged as “MOAB-01-01-2007,” it describes a vulnerability in QuickTime’s ability to handle Real Time Streaming Protocol (rtsp) hyperlinks.

 

“By supplying a specially crafted string (rtsp:// [random] + semicolon + [299 bytes padding + payload]), an attacker could overflow a stack-based buffer, using either HTML, Javascript or a QTL file as attack vector, leading to an exploitable remote arbitrary code execution condition,” said the programmers.

 

“Exploitation of this issue is trivial, and stack NX can be rendered useless via ret-to-libc,” they continued.

 

The problem reported affects QuickTime 7.1.3, the current shipping version on both Mac OS X and Microsoft Windows. The MOAB team offers instructions for how to reproduce the problem, and suggests that the only workaround for it is to disable the rtsp:// URL handler, uninstall QuickTime “or simply live with the feeling of being a potential target for pwnage.”

 

“Pwnage” is Internet slang for being badly beaten by an opponent; the term originated with gamers.

 

LMH is the pseudonym of an as-yet unidentified hacker, and Kevin Finisterre is founder of Digital Munition and a Mac user. Finisterre has been credited with the creation of the InqTana worm, a Java-based proof of concept worm that exploited a vulnerability in Bluetooth on some Macs, which first came to light in February, 2006.

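A defender's view of the rtsp:// string quoted in the Macworld article above, as an added example that is not part of the original thread and is not MOAB code: a Python heuristic that flags rtsp:// URLs with an unusually long run after a semicolon in HTML, JavaScript or QTL content. The 256-byte threshold, the function name and the sample inputs are assumptions constructed for illustration.

```python
import re

# Assumed threshold (not from the advisory): set below the 299 bytes of padding
# it quotes, so a match cut short at the payload's first delimiter still counts.
MAX_AFTER_SEMICOLON = 256

# An rtsp:// URL runs until whitespace, a quote or an angle bracket, which
# covers HTML attributes, JavaScript string literals and QTL (XML) files.
RTSP_URL = re.compile(rb"rtsp://[^\s\"'<>]+", re.IGNORECASE)


def suspicious_rtsp_urls(content: bytes, limit: int = MAX_AFTER_SEMICOLON):
    """Return (offset, length_after_semicolon) for every rtsp:// URL whose
    text after the first ';' is at least `limit` bytes long."""
    hits = []
    for match in RTSP_URL.finditer(content):
        rest = match.group(0)[len(b"rtsp://"):]
        _, semicolon, tail = rest.partition(b";")
        if semicolon and len(tail) >= limit:
            hits.append((match.start(), len(tail)))
    return hits


# Constructed samples (filler bytes only, no payload).
BENIGN_HTML = b'<a href="rtsp://media.example.com/live/stream.sdp;speed=1">watch</a>'
LONG_NO_SEMICOLON = b'<a href="rtsp://media.example.com/' + b"a" * 400 + b'">x</a>'
CRAFTED_QTL = (
    b'<?xml version="1.0"?><?quicktime type="application/x-quicktime-media-link"?>'
    b'<embed src="rtsp://host;' + b"A" * 320 + b'" autoplay="true" />'
)

if __name__ == "__main__":
    for name, sample in [("benign", BENIGN_HTML),
                         ("long path", LONG_NO_SEMICOLON),
                         ("crafted QTL", CRAFTED_QTL)]:
        print(name, suspicious_rtsp_urls(sample))
```

The check works on raw bytes, so it can sit in a mail or web proxy filter ahead of the player; it is a length heuristic only and does not replace patching or disabling the rtsp:// handler.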

Stupid kid, grow up with your stupid childisch langauge. How old are you? 12?

 

 

doubt it, if that.... but this will be very interesting :) i hope these don't get out into the wild... (actually... not really caring, it's not like i run osx.... i feel bad for all you apple folk tho....) where can you find updated info, do they host a website or anything?


Stupid? at least he can spell "childish" :)

 

 

emm.... i don't think he can spell anything.... (or is... look at his post and tell me there is one word spelled correctly that is over 2 letters not including "OSX", that would be a lie)


Stupid kid, grow up with your stupid childisch langauge. How old are you? 12?

Wow...I think you completely missed the point.

 

Unpatched (zero-day perhaps) exploits have been going around in Windows circles for years. This is probably the biggest public acknowledgement that those holes even exist on OS X. If you were able to comprehend satire, you would see that I'm merely poking fun at the average Mac user's reaction to these exploits, since their platform has been generally untargeted (except for proof-of-concept code, which this is as well).

Edited by niteice

actually... not really caring, it's not like i run osx.... i feel bad for all you apple folk tho....)

 

If you run Quicktime at all you should be worried, it affects both OSX and Windows.

 

I tried a bunch of different search engines, but all I can find is old news leading up to this month. i'm sure it won't be hard to find the new exploit for the day on any tech site.


Wow...I think you completely missed the point.

 

Unpatched (zero-day perhaps) exploits have been going around in Windows circles for years. This is probably the biggest public acknowledgement that those holes even exist on OS X. If you were able to comprehend satire, you would see that I'm merely poking fun at the average Mac user's reaction to these exploits, since their platform has been generally untargeted (except for proof-of-concept code, which this is as well).

Ok sorry then :) i thought it was one of those kids again with those stupid nothing adding replies.

 

Englisch is not my native langauge, so i will miss some things here and then.

Edited by wow

If you run Quicktime at all you should be worried, it affects both OSX and Windows.

 

I tried a bunch of different search engines, but all I can find is old news leading up to this month. i'm sure it won't be hard to find the new exploit for the day on any tech site.

 

 

nope, it installed with itunes but i made sure to remove it. i run klite codec pack and wmp/mce.... but i still hope it won't happen for you guys, and why would i care anyway, i run windows, a quicktime exploit is the least of my worries, it's just another windows virus in my book.... oooo like i haven't seen one of those before... it's not going to shock windows world as much as osx, osx's record is clean, windows is... well.... more infected than a whore.... :thumbsdown_anim:

 

and thanks for seeing if you could find anything on it, i'm curious if it's actually going to be released as planned.


Stupid kid, grow up with your stupid childisch langauge. How old are you? 12?

 

I sure am glad that I am 13 now.

 

Englisch is not my native langauge...

 

Me neither, I speak English. Sprechen sie Deutsch?

 

If all exploits are suitable to take over an Anpple computer then Houstan has a problem. The exploits are new and not shown to apple before publishing, so Apple had no time to create bugfixes.
For some reason, I am really not worried.

 

Hm it seems some hackers are gone show us 1 exploit each day for 1 month!!!!

 

Frankly, I think Apple should pay people to do this type of work by giving out cash rewards for hacking Macs, It would be a great way to get all the holes plugged.

 

This is yet another piece of evidence against the "market share" argument for OS X security: http://forum.insanelymac.com/index.php?showtopic=25639


I sure am glad that I am 13 now.

Me neither, I speak English. Sprechen sie Deutsch?

 

For some reason, I am really not worried.

Frankly, I think Apple should pay people to do this type of work, like give out cash rewards for hacking in Macs, It would be a great way to get all the holes plugged.

 

This is an example of why the "market share" argument for OS X security is weak: http://forum.insanelymac.com/index.php?showtopic=25639

 

 

lol i remember that, and they did pay people to do it (how stupid was that?) and the lawyers told them that a reward to anyone who could create a virus for osx was really stupid.... which it is, why encourage virus development on your own system, although it would have been logical for them to pay for windows viruses :unsure: hablas espanol mi amigo?


lol i remember that, and they did pay people to do it (how stupid was that?) and the lawyers told them that a reward to anyone who could create a virus for osx was really stupid.... which it is, why encourage virus development on your own system, although it would have been logical for them to pay for windows viruses :unsure:

 

Hacking is different than viruses. A virus could obviously get out of control. There really is no risk to paying for demonstrations of hacks. The details could be kept private.

 

Someone actually did put $10k or so for anybody to hack into classic MacOS and nobody collected. This is often taken as proof of its network security.

 

I see now Apple has actually done this itself before:

 

Apple Europe's Hack-a-Mac Contest

 

Apple Computer Europe has announced the "Hack-a-Mac" Internet Server contest at Imprinta, Europe's biggest publishing trade fair. Hack-a-Mac entrants are challenged to modify the content of the "Try Me" page located on these Global Access Internet Server web sites:

http://hack-a-mac.global.de/

The most successful hacker will win a new Apple PowerBook 3400c computer. Rules and conditions of the competition are also listed at the above sites.

 

http://developer.apple.com/adcnews/pastiss...news061397.html

 

About the same time, someone put up money to hack a Mac web server.

 

A Macintosh Web Server Security Challenge

 

From June 1 to July 15, 1997, VirTech Communications is challenging the global "hacker" community to bypass the security of its Macintosh World Wide Web server. Similar contests have been conducted in the United States and Sweden, but VirTech's challenge is unique in that it addresses popular Internet security issues that are plaguing the media today. By launching the challenge, VirTech wants to overturn the notion that the Internet is vulnerable to credit card number snatching.

 

http://developer.apple.com/adcnews/pastiss...news061397.html


If you run Quicktime at all you should be worried, it affects both OSX and Windows.

 

I tried a bunch of different search engines, but all I can find is old news leading up to this month. i'm sure it won't be hard to find the new exploit for the day on any tech site.

 

If you're running QuickTime at all you should be worried... especially if you're a Windows user. I know Mac may not have much other alternative for watching video, but honestly who really needs QuickTime when you have the Community Codec Pack and WMP11???

 

for Mac User ...GOOD LUCK


If you're running QuickTime at all you should be worried... especially if you're a Windows user. I know Mac may not have much other alternative for watching video, but honestly who really needs QuickTime when you have the Community Codec Pack and WMP11???

 

for Mac User ...GOOD LUCK

 

 

in windows quicktime sux, you are right (but wmp does too, btw)..

 

but in os x it's a great tool for all conversion processes and is deeply buried in the system...and it is still one of the nicest-looking players out there...

 

and as for other players: the mac-version of the vlc-player had a security issue a few days before, too!


There's a difference between idiocy and helping to fix security holes. The people doing this are idiots and aren't really helping to fix security problems.

 

As for the QuickTime problem...it isn't something that is OS X exclusive, which these idiots promised. So their month of OS X exploits seems flawed from the start.


Guest bikedude880
As for the QuickTime problem...it isn't something that is OS X exclusive, which these idiots promised. So their month of OS X exploits seems flawed from the start.

 

Ah, but it is Apple software that was later ported to Windows... anyone remember it from pre-OS X?


 

I do not know about this. The idea that a flaw in third party software can possibly be used to allow an attacker to execute any code is somewhat troubling to me. Of course the difficulty of this makes it seriously unlikely that it will happen, and seriously impractical for a lot of hacking goals: http://projects.info-pull.com/moab/MOAB-02-01-2007.html

 

Program received signal EXC_BAD_INSTRUCTION, Illegal instruction/operand.
[Switching to process 785 thread 0x7c0f]
0xa0011397 in dyld_stub___vfprintf ()

 

It seems that on an EXC_BAD_INSTRUCTION signal, OS X should be able to prevent this type of thing happening. I think Apple has to consider re-designing the kernel so that it is impossible to get control of OS X when these types of faults, buffer-overflows or whatever occur. On the other hand, I would much rather see ideas like this propagate, than {censored} like Fox News...

 

4. (Paragraph 28) There are many individuals of the middle and upper classes who resist some of these values, but usually their resistance is more or less covert. Such resistance appears in the mass media only to a very limited extent. The main thrust of propaganda in our society is in favor of the stated values.

 

http://projects.info-pull.com/moab/MOAB-02-01-2007.html


bug number 3:

 

A month ago, a vulnerability in QuickTime was exploited to spread a worm in MySpace. The vulnerability was first published by pdp. In his article, pdp describes how HREFTrack attribute in .mov files can be used for malicious scripting. The MySpace worm abused this vulnerability in a cross-site scripting attack vector.

 

This MoAB issue shows that this vulnerability can also be used in a cross-zone scripting attack which could allow, in combination with other vulnerabilities, to remotely execute arbitrary code on the user's machine, as well as disclosure of the filesystem contents.

Affected versions

 

This issue has been successfully exploited in QuickTime™ Version 7.1.3. Previous versions should be vulnerable as well.

Proof of concept, exploit or instructions to reproduce

 

Requires a working Ruby interpreter. If 'serve' argument is passed, it will launch both a web server (via Webrick) and a non-standard (aka quick hack) FTP server. The exploit uses Microsoft Text Driver ADODB connection which requires an anonymous FTP login to the exploit location, for an unknown reason. The FTP hack hasn't been fully tested and thus it's been removed from the public version. It will generate the files for the location of your choice:

 

$ ruby MOAB-03-01-2007.rb

++ Preparing files...

++ Script file....

++ HTA payload file....

-- Terminating: 761

 

 

Modify REMOTE_HOST, REMOTE_URL and HTA_PAYLOAD as necessary. Note that you still need to provide a MOV file with the crafted HREFTrack attribute. See notes below for information about how to do it.

