wow Posted January 2, 2007

Hm, it seems some hackers are going to show us 1 exploit each day for 1 month!!!! If all exploits are suitable to take over an Apple computer then Houston has a problem. The exploits are new and not shown to Apple before publishing, so Apple had no time to create bugfixes...

-----

from Macworld:

'Month of Apple Bugs' begins with QuickTime exploit
By Peter Cohen

“LMH” and Kevin Finisterre have begun the Month of Apple Bugs, a self-described initiative to “improve Mac OS X” by “finding security flaws in different Apple software and third-party applications designed for” Mac OS X.

The initiative kicks off with a description of a flaw that affects QuickTime 7.1.3. Tagged as “MOAB-01-01-2007,” it describes a vulnerability in QuickTime’s ability to handle Real Time Streaming Protocol (rtsp) hyperlinks.

“By supplying a specially crafted string (rtsp:// [random] + semicolon + [299 bytes padding + payload]), an attacker could overflow a stack-based buffer, using either HTML, Javascript or a QTL file as attack vector, leading to an exploitable remote arbitrary code execution condition,” said the programmers.

“Exploitation of this issue is trivial, and stack NX can be rendered useless via ret-to-libc,” they continued.

The problem reported affects QuickTime 7.1.3, the current shipping version on both Mac OS X and Microsoft Windows. The MOAB team offers instructions for how to reproduce the problem, and suggests that the only workaround for it is to disable the rtsp:// URL handler, uninstall QuickTime “or simply live with the feeling of being a potential target for pwnage.”

“Pwnage” is Internet slang for being badly beaten by an opponent; the term originated with gamers.

LMH is the pseudonym of an as-yet unidentified hacker, and Kevin Finisterre is founder of Digital Munition and a Mac user. Finisterre has been credited with the creation of the InqTana worm, a Java-based proof of concept worm that exploited a vulnerability in Bluetooth on some Macs, which first came to light in February, 2006.

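The string layout quoted in the Macworld article above (rtsp:// + [random] + semicolon + long padding) can be checked for in HTML, JavaScript or QTL content before it reaches QuickTime. The Python sketch below is an added example, not part of the original thread or of the MOAB advisory; the 256-byte threshold, the function name and the sample documents are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_to_bytes

# Assumption: a legitimate RTSP URL never carries this many bytes after a ';'.
# The article's string uses 299 bytes of padding, so 256 leaves a margin.
MAX_AFTER_SEMICOLON = 256

# An rtsp:// URL ends at whitespace, a quote or an angle bracket.
RTSP_URL = re.compile(r"rtsp://[^\s\"'<>]+", re.IGNORECASE)


def suspicious_rtsp_urls(content, limit=MAX_AFTER_SEMICOLON):
    """Return (offset, decoded_bytes_after_semicolon) for every rtsp:// URL
    in `content` whose part after the first ';' is longer than `limit`."""
    hits = []
    for match in RTSP_URL.finditer(content):
        rest = match.group(0)[len("rtsp://"):]
        _, sep, tail = rest.partition(";")
        if not sep:
            continue  # no semicolon, so not the reported layout
        # Percent-decode first so %41%41... cannot hide the real length.
        tail_len = len(unquote_to_bytes(tail))
        if tail_len > limit:
            hits.append((match.start(), tail_len))
    return hits


# Constructed samples (not taken from the advisory): an ordinary link, and
# documents whose rtsp:// URL has only inert filler after the semicolon.
BENIGN_HTML = '<a href="rtsp://media.example.com/talks/keynote.sdp;seq=1">watch</a>'
OVERLONG_QTL = (
    '<?xml version="1.0"?>\n'
    '<?quicktime type="application/x-quicktime-media-link"?>\n'
    '<embed src="rtsp://abcd;' + "A" * 320 + '" />\n'
)
ENCODED_HTML = '<embed src="RTSP://abcd;' + "%41" * 300 + '">'

if __name__ == "__main__":
    for name, doc in [("benign", BENIGN_HTML), ("qtl", OVERLONG_QTL),
                      ("encoded", ENCODED_HTML)]:
        print(name, suspicious_rtsp_urls(doc))
```

A hit only says the URL has the overlong shape described in the article; it is a triage signal for mail or web content filtering, not proof of an exploit.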
niteice Posted January 3, 2007

ONOZ HAX0RS ON MY OSX WAT SHUD I DO ;(

wow Posted January 3, 2007

Stupid kid, grow up with your stupid childisch langauge. How old are you? 12?

bwhsh8r Posted January 3, 2007

> Stupid kid, grow up with your stupid childisch langauge. How old are you? 12?

doubt it, if that.... but this will be very interesting. i hope these don't get out into the wild... (actually... not really caring, it's not like i run osx.... i feel bad for all you apple folk tho....) where can you find updated info, do they host a website or anything?

iMaurice Posted January 3, 2007 (edited January 3, 2007 by iMaurice)

> Stupid kid, grow up with your stupid childisch langauge. How old are you? 12?

Stupid? at least he can spell childish correctly

bwhsh8r Posted January 3, 2007

> Stupid? at least he can spell "childish"

emm.... i don't think he can spell anything.... (or is... look at his post and tell me there is one word spelled correctly that is over 2 letters not including "OSX", that would be a lie)

niteice Posted January 3, 2007 (edited January 3, 2007 by niteice)

> Stupid kid, grow up with your stupid childisch langauge. How old are you? 12?

Wow...I think you completely missed the point. Unpatched (zero-day perhaps) exploits have been going around in Windows circles for years. This is probably the biggest public acknowledgement that those holes even exist on OS X.

If you were able to comprehend satire, you would see that I'm merely poking fun at the average Mac user's reaction to these exploits, since their platform has been generally untargeted (except for proof-of-concept code, which this is as well).

rollcage Posted January 3, 2007

> (actually... not really caring, it's not like i run osx.... i feel bad for all you apple folk tho....)

If you run Quicktime at all you should be worried, it affects both OSX and Windows.

I tried a bunch of different search engines, but all I can find is old news leading up to this month. I'm sure it won't be hard to find the new exploit for the day on any tech site.

wow Posted January 3, 2007 (edited January 3, 2007 by wow)

> Wow...I think you completely missed the point. Unpatched (zero-day perhaps) exploits have been going around in Windows circles for years. This is probably the biggest public acknowledgement that those holes even exist on OS X. If you were able to comprehend satire, you would see that I'm merely poking fun at the average Mac user's reaction to these exploits, since their platform has been generally untargeted (except for proof-of-concept code, which this is as well).

Ok sorry then, i thought it was one of those kids again with those stupid nothing adding replies. Englisch is not my native langauge, so i will miss some things here and then.

niteice Posted January 3, 2007 (edited January 3, 2007 by niteice)

Alright, I understand if English isn't your native language, but by the time I finished my reply 3 more people had posted so I had to address them too

bwhsh8r Posted January 3, 2007

> If you run Quicktime at all you should be worried, it affects both OSX and Windows. I tried a bunch of different search engines, but all I can find is old news leading up to this month. I'm sure it won't be hard to find the new exploit for the day on any tech site.

nope, it installed with itunes but i made sure to remove it. i run klite codec pack and wmp/mce.... but i still hope it won't happen for you guys, and why would i care anyway, i run windows, a quicktime exploit is the least of my worries, it's just another windows virus in my book.... oooo like i haven't seen one of those before... it's not going to shock windows world as much as osx, osx's record is clean, windows is... well.... more infected than a whore....

and thanks for seeing if you could find anything on it, i'm curious if it's actually going to be released as planned.

bofors Posted January 3, 2007

> Stupid kid, grow up with your stupid childisch langauge. How old are you? 12?

I sure am glad that I am 13 now.

> Englisch is not my native langauge...

Me neither, I speak English. Sprechen sie Deutsch?

> If all exploits are suitable to take over an Apple computer then Houston has a problem. The exploits are new and not shown to Apple before publishing, so Apple had no time to create bugfixes.

For some reason, I am really not worried.

> Hm, it seems some hackers are going to show us 1 exploit each day for 1 month!!!!

Frankly, I think Apple should pay people to do this type of work by giving out cash rewards for hacking Macs. It would be a great way to get all the holes plugged.

This is yet another piece of evidence against the "market share" argument for OS X security: http://forum.insanelymac.com/index.php?showtopic=25639

bwhsh8r Posted January 3, 2007

> I sure am glad that I am 13 now.
>
> Me neither, I speak English. Sprechen sie Deutsch?
>
> For some reason, I am really not worried.
>
> Frankly, I think Apple should pay people to do this type of work, like give out cash rewards for hacking in Macs. It would be a great way to get all the holes plugged.
>
> This is an example that the "market share" argument for OS X security is weak: http://forum.insanelymac.com/index.php?showtopic=25639

lol i remember that, and they did pay people to do it (how stupid was that?) and the lawyers told them that a reward to anyone who could create a virus for osx was really stupid.... which it is, why encourage virus development on your own system, although it would have been logical for them to pay for windows viruses

hablas espanol mi amigo?

bofors Posted January 3, 2007

> lol i remember that, and they did pay people to do it (how stupid was that?) and the lawyers told them that a reward to anyone who could create a virus for osx was really stupid.... which it is, why encourage virus development on your own system, although it would have been logical for them to pay for windows viruses

Hacking is different than viruses. Viruses could obviously get out of control. There really is no risk to paying for demonstrations of hacks. The details could be kept private.

Someone actually did put up $10k or so for anybody to hack into classic MacOS and nobody collected. This is often taken as proof of its network security.

I see now Apple has actually done this itself before:

Apple Europe's Hack-a-Mac Contest

Apple Computer Europe has announced the "Hack-a-Mac" Internet Server contest at Imprinta, Europe's biggest publishing trade fair. Hack-a-Mac entrants are challenged to modify the content of the "Try Me" page located on these Global Access Internet Server web sites: http://hack-a-mac.global.de/ The most successful hacker will win a new Apple PowerBook 3400c computer. Rules and conditions of the competition are also listed at the above sites.

http://developer.apple.com/adcnews/pastiss...news061397.html

About the same time, someone put up money to hack a Mac web server.

A Macintosh Web Server Security Challenge

From June 1 to July 15, 1997, VirTech Communications is challenging the global "hacker" community to bypass the security of its Macintosh World Wide Web server. Similar contests have been conducted in the United States and Sweden, but VirTech's challenge is unique in that it addresses popular Internet security issues that are plaguing the media today. By launching the challenge, VirTech wants to overturn the notion that the Internet is vulnerable to credit card number snatching.

http://developer.apple.com/adcnews/pastiss...news061397.html

asap18 Posted January 3, 2007

Hey, don't go dissing my quicktime

Anyway, nothing that connects to the internet is 100% secure, and this bug further points out that it is not Mac OS X that is unsafe but the software, not the operating system.

MadDoggyca Posted January 3, 2007

> If you run Quicktime at all you should be worried, it affects both OSX and Windows. I tried a bunch of different search engines, but all I can find is old news leading up to this month. I'm sure it won't be hard to find the new exploit for the day on any tech site.

If you're running QuickTime at all you should be worried ...especially if you're a Windows user..

I know Mac may not have much other alternative for watching video but honestly who really needs QuickTime when u have the Community Codec Pack and WMP11???

for Mac users ...GOOD LUCK

Ai Haibara Posted January 3, 2007

I think almost anyone will use this bug to hack our Macs. However, I really hope that “LMH” and Kevin Finisterre will help Apple to fix this and other bugs.

Sherry Haibara

head Posted January 3, 2007

> If you're running QuickTime at all you should be worried ...especially if you're a Windows user.. I know Mac may not have much other alternative for watching video but honestly who really needs QuickTime when u have the Community Codec Pack and WMP11??? for Mac users ...GOOD LUCK

in windows quicktime sux, you are right (but wmp does too, btw).. but in os x it's a great tool for all conversion processes and is deeply buried in the system...and it is still one of the nicest-looking players out there...

and as for other players: the mac-version of the vlc-player had a security issue a few days before, too!

A Nonny Moose Posted January 3, 2007

There's a difference between idiocy and helping to fix security holes. The people doing this are idiots and aren't really helping to fix security problems.

As for the QuickTime problem...it isn't something that is OS X exclusive, which these idiots promised. So their month of OS X exploits seems flawed from the start.

Guest bikedude880 Posted January 3, 2007

> As for the QuickTime problem...it isn't something that is OS X exclusive, which these idiots promised. So their month of OS X exploits seems flawed from the start.

Ah, but it is Apple software that was later ported to Windows... anyone remember it from pre-OS X?

A Nonny Moose Posted January 3, 2007

Oopsie, guess we ran out of steam early

bofors Posted January 3, 2007

> Oopsie, guess we ran out of steam early

I do not know about this. The idea that a flaw in third party software can possibly be used to allow an attacker to execute any code is somewhat troubling to me. Of course the difficulty of this makes it seriously unlikely that it will happen, seriously impractical for a lot of hacking goals:

http://projects.info-pull.com/moab/MOAB-02-01-2007.html

Program received signal EXC_BAD_INSTRUCTION, Illegal instruction/operand.
[Switching to process 785 thread 0x7c0f]
0xa0011397 in dyld_stub___vfprintf ()

It seems that on an EXC_BAD_INSTRUCTION signal, OS X should be able to prevent this type of thing happening. I think Apple has to consider re-designing the kernel so that it is impossible to get control of OS X when these types of faults, buffer-overflows or whatever occur.

On the other hand, I would much rather see ideas like this propagate than {censored} like Fox News...

4. (Paragraph 28) There are many individuals of the middle and upper classes who resist some of these values, but usually their resistance is more or less covert. Such resistance appears in the mass media only to a very limited extent. The main thrust of propaganda in our society is in favor of the stated values.

http://projects.info-pull.com/moab/MOAB-02-01-2007.html

wow Posted January 4, 2007

http://download.videolan.org/pub/videolan/vlc/0.8.6a/

The second bug was the vlc bug. Here you can find the new patched vlc.

wow Posted January 4, 2007

bug number 3:

A month ago, a vulnerability in QuickTime was exploited to spread a worm in MySpace. The vulnerability was first published by pdp. In his article, pdp describes how HREFTrack attribute in .mov files can be used for malicious scripting. The MySpace worm abused this vulnerability in a cross-site scripting attack vector. This MoAB issue shows that this vulnerability can also be used in a cross-zone scripting attack which could allow, in combination with other vulnerabilities, to remotely execute arbitrary code on the user's machine, as well as disclosure of the filesystem contents.

Affected versions

This issue has been successfully exploited in QuickTime™ Version 7.1.3. Previous versions should be vulnerable as well.

Proof of concept, exploit or instructions to reproduce

Requires a working Ruby interpreter. If 'serve' argument is passed, it will launch both a web server (via Webrick) and a non-standard (aka quick hack) FTP server. The exploit uses Microsoft Text Driver ADODB connection which requires an anonymous FTP login to the exploit location, for an unknown reason. The FTP hack hasn't been fully tested and thus it's been removed from the public version. It will generate the files for the location of your choice:

$ ruby MOAB-03-01-2007.rb
++ Preparing files...
++ Script file....
++ HTA payload file....
-- Terminating: 761

Modify REMOTE_HOST, REMOTE_URL and HTA_PAYLOAD as necessary. Note that you still need to provide a MOV file with the crafted HREFTrack attribute. See notes below for information about how to do it.

wow Posted January 4, 2007

btw you can see each day for yourself what bugs are new on http://projects.info-pull.com/moab/index.html