
Mac OS X hacked under 30 minutes
ZDNet Australia ^ | 6 March 2006 | Munir Kotadia

Posted on 03/06/2006 10:47:30 AM PST by ShadowAce

Gaining root access to a Mac is "easy pickings," according to an individual who won an OS X hacking challenge last month by gaining root control of a machine using an unpublished security vulnerability.

On February 22, a Sweden-based Mac enthusiast set his Mac Mini as a server and invited hackers to break through the computer's security and gain root control, which would allow the attacker to take charge of the computer and delete files and folders or install applications.

Within hours of going live, the "rm-my-mac" competition was over. The challenger posted this message on his Web site: "This sucks. Six hours later this poor little Mac was owned and this page got defaced".

The hacker that won the challenge, who asked ZDNet Australia to identify him only as "gwerdna", said he gained root control of the Mac in less than 30 minutes.

"It probably took about 20 or 30 minutes to get root on the box. Initially I tried looking around the box for certain mis-configurations and other obvious things but then I decided to use some unpublished exploits -- of which there are a lot for Mac OS X," gwerdna told ZDNet Australia.

According to gwerdna, the hacked Mac could have been better protected, but it would not have stopped him because he exploited a vulnerability that has not yet been made public or patched by Apple.

"The rm-my-mac challenge was setup similar to how you would have a Mac acting as a server -- with various remote services running and local access to users… There are various Mac OS X hardening guides out there that could have been used to harden the machine, however, it wouldn't have stopped the vulnerability I used to gain access.

"There are only limited things you can do with unknown and unpublished vulnerabilities. One is to use additional hardening patches -- good examples for Linux are the PaX patch and the grsecurity patches. They provide numerous hardening options on the system, and implement non-executable memory, which prevent memory based corruption exploits," said gwerdna.

Gwerdna concluded that OS X contains "easy pickings" when it comes to vulnerabilities that could allow hackers to break into Apple's operating system.

"Mac OS X is easy pickings for bug finders. That said, it doesn't have the market share to really interest most serious bug finders," added gwerdna.

Apple's OS X has come under fire in recent weeks with the appearance of two viruses and a number of serious security flaws, which have since been patched by the Mac maker.

In January, security researcher Neil Archibald, who has already been credited with finding numerous vulnerabilities in OS X, told ZDNet Australia that he knows of numerous security vulnerabilities in Apple's operating system that could be exploited by attackers.

"The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower than that of Microsoft Windows or the more common UNIX platforms.… If this situation was to change, in my opinion, things could be a lot worse on Mac OS X than they currently are on other operating systems," said Archibald at the time.

An Apple Australia spokeswoman said today it was unable to comment at this stage.



1 posted on 03/06/2006 10:47:33 AM PST by ShadowAce

To: rdb3; chance33_98; Calvinist_Dark_Lord; Bush2000; PenguinWry; GodGunsandGuts; CyberCowboy777; ...

2 posted on 03/06/2006 10:47:59 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)

To: ShadowAce

placemarker


3 posted on 03/06/2006 10:51:10 AM PST by js1138

To: ShadowAce; Admin Moderator
This thread seems to be a dupe.
4 posted on 03/06/2006 10:53:42 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)

To: ShadowAce
oh no.. the almighty mac is not as secure as we once thought!

thats funny, i work information security, i've been predicting this for the past 2 years.
5 posted on 03/06/2006 10:54:34 AM PST by Element187

To: ShadowAce

The equivalent here is setting up your XP box as a server with a bunch of services turned on.

The report is slightly troubling, but it would be more interesting if he'd actually set up OS X Server with normal SOP to lock it down to a real-world role.


6 posted on 03/06/2006 10:54:50 AM PST by antiRepublicrat

To: ShadowAce

Gotta love how the tech rags have been going after OS X lately.


7 posted on 03/06/2006 10:56:13 AM PST by Terpfen (72-25: The Democrats mounted a failibuster!)

To: ShadowAce

This is a joke. This 'tard issued accounts on the machine to anyone who asked. AND MORE IMPORTANTLY, he left SSH open on his machine for people to login.

This article can be discounted.


8 posted on 03/06/2006 10:56:57 AM PST by SengirV

To: Element187

Did you read the story? Or just go by the title? I'm guessing the latter.


9 posted on 03/06/2006 10:57:43 AM PST by SengirV

To: Terpfen

It's still a capitalist pig OS - only free(loader) software permitted come the revolution...


10 posted on 03/06/2006 11:00:10 AM PST by epluribus_2

To: epluribus_2

The heck are you talking about?


11 posted on 03/06/2006 11:02:27 AM PST by Terpfen (72-25: The Democrats mounted a failibuster!)

To: Swordmaker

Mac ping.


12 posted on 03/06/2006 11:02:37 AM PST by Terpfen (72-25: The Democrats mounted a failibuster!)

To: Element187
Gee, some joker gives out local accounts to anybody who asks, uses no firewall, and gets burned.

And the windows droids go wild.

13 posted on 03/06/2006 11:03:29 AM PST by Izzy Dunne (Hello, I'm a TAGLINE virus. Please help me spread by copying me into YOUR tag line.)

To: Element187

It's kind of a bunk test as the hackers were given shell access.


14 posted on 03/06/2006 11:06:22 AM PST by N3WBI3 (If SCO wants to go fishing they should buy a permit and find a lake like the rest of us..)

To: Izzy Dunne
If you make it easy for hackers of course they will find a way in. Which proves nothing.

(Denny Crane: "I Don't Want To Socialize With A Pinko Liberal Democrat Commie. Say What You Like About Republicans. We Stick To Our Convictions. Even When We Know We're Dead Wrong.")

15 posted on 03/06/2006 11:06:23 AM PST by goldstategop (In Memory Of A Dearly Beloved Friend Who Lives On In My Heart Forever)

To: Element187
thats funny, i work information security, i've been predicting this for the past 2 years.

Don't you just hate it when somebody steals your Shift key?

16 posted on 03/06/2006 11:08:52 AM PST by Ben Hecks

To: ShadowAce
"he exploited a vulnerability that has not yet been made public or patched by Apple."

Oh that's gotta make you guys feel comfortable!

17 posted on 03/06/2006 11:11:58 AM PST by patriot_wes (papal infallibility - a proud tradition since 1869)

To: patriot_wes

When the vulnerability itself is bunk, no, not really.


18 posted on 03/06/2006 11:15:42 AM PST by Terpfen (72-25: The Democrats mounted a failibuster!)

To: patriot_wes

You said -- "Oh that's gotta make you guys feel comfortable!"

I just cracked your computer by a previously unknown and unpublished vulnerability. So you're just as vulnerable as those other guys. I'll bet you didn't even know I was in your computer.

Details? Well, I gave you just as much detail as you got from that article.

Regards,
Star Traveler


19 posted on 03/06/2006 11:15:51 AM PST by Star Traveler

To: goldstategop

It reminds me of someone showing how a Caddy was damaged from being hit by a truck. Before that people were saying mini-cars were inherently dangerous. I guess it depends on the set up.

This sounds like a stunt, not like an experiment.


20 posted on 03/06/2006 11:30:22 AM PST by sine_nomine (Every baby is a blessing from God, from the moment of conception.)
