Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker MAC OS X Hacking Module XXXIV Page | 2743 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Ethical Hacking and Countermeasures Version 6 Module XXXIV MAC OS X Hacking Ethical Hacking and Countermeasures v6 Module XXXIV: MAC OS X Hacking Exam 312-50 Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker MAC OS X Hacking Module XXXIV Page | 2744 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited News Source: http://www.zdnet.com.au/  News According to the individual who won the challenge for hacking Mac OS X, root access can be gained easily on Mac OS X. One Sweden-based Mac enthusiast issued an open challenge to the attackers to gain a root control on his Mac Mini system, which he set as a server by giving local client access for target system to the participants. The attacker can get complete privileges on the system and can delete files and folders or install applications using root access. The attacker who won the challenge took just 30 minutes to gain the root control on the system. He made use of a vulnerability that was not published or patched by Apple. According to security researcher Neil Archibald, various vulnerabilities are present in Mac OS X that can be exploited by attackers. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker MAC OS X Hacking Module XXXIV Page | 2745 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Module Objective • MAC OS • Vulnerabilities in MAC OS • Worm and Viruses in MAC OS • Anti-Viruses in MAC OS • MAC OS Security Tools This module will familiarize you with: Module Objective This module will familiarize you with:  MAC OS  Vulnerabilities in MAC OS  Worm and Viruses in MAC OS  Anti-Viruses in MAC OS  MAC OS Security Tools Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker MAC OS X Hacking Module XXXIV Page | 2746 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Module Flow Vulnerabilities in MAC OS MAC OS Security Tools Anti-Viruses in MAC OS Worm and Viruses in MAC OS MAC OS Module Flow Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker MAC OS X Hacking Module XXXIV Page | 2747 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Introduction to MAC OS X Mac OS X is a uniquely powerful development platform, bringing a 32- bit and 64-bit architecture and multiprocessor capability to the desktop and server arenas It provides an extremely productive high-level programming environment, Cocoa, combined with the full power of real UNIX Features: • Runtime Flexibility Built on Powerful Frameworks • Advanced Developer Tools • Best Graphics on a Desktop • Internationally Savvy  Introduction to MAC OS Source: http://developer.apple.com/macosx/ Mac OS X is a uniquely powerful development platform, bringing a 32-bit and 64-bit architecture and multiprocessor capability to the desktop and server arenas. It provides an extremely productive high-level programming environment in Cocoa, the full power of real UNIX, and a host of open source web, scripting, database, and development technologies. The built-in Xcode tools, combining time-tested stability and performance, standards-based technologies, and a remarkable user interface, make Mac OS X an amazingly multifaceted development platform. It delivers revolutionary technologies like Spotlight, Dashboard, Automator, Core Data, Core Animation, Core Image, and many others. These powerful additions to the modern, UNIX-based foundation make Mac OS X the most advanced operating system available. It includes a number of easy-to-use technologies that play a dual role as great applications and system services, allowing developers to enhance their applications with iChat Theater, Time Machine, Spotlight, Dashboard, Automator, and VoiceOver. iChat Theater takes instant messaging far beyond simple text—into the world of multimedia, allowing you to share audio and video. As a developer, you too can access these features and create applications that intelligently determine who are online, share videos, and control iChat through AppleScript. Mac OS X provides outstanding stability and performance. It starts with a 64-bit, open source UNIX core. Apple integrated the widely-used FreeBSD 5 UNIX distribution with the Mach 3.0 microkernel to deliver key functionality and a solid foundation. Preemptive multitasking, symmetric multiprocessing (SMP), and protected memory forms the cornerstones of this foundation. Runtime Flexibility Built on Powerful Frameworks Mac OS X provides several runtime environments, all of which integrate under a single desktop environment. Whether you prefer an object-oriented application framework, procedural APIs, a highly-optimized and tightly integrated implementation of Java SE, BSD UNIX APIs and libraries, or X11, you can run it all on the Mac OS X desktop. Advanced Developer Tools Mac OS X provides you with a full suite of free developer tools to prototype, compile, debug, analyze, and optimize your applications, speeding up your development cycle. Xcode 3 includes a robust Integrated Development Environment (IDE) for writing applications, libraries, and drivers, and a complete set of developer documentation. Underlying Xcode is GCC 4, an Apple- optimized version of the popular open source compiler, plus the GNU Debugger (GDB). Xcode also includes Interface Builder, an easy-to-use graphical editor for designing and managing your Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker MAC OS X Hacking Module XXXIV Page | 2748 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. application's user interface. Whether you code in Objective-C, C/C++, or another popular language, Xcode can handle it. Best Graphics on a Desktop Mac OS X is built around a powerful, integrated stack of graphics technologies, including OpenGL, Core Animation, and Core Image. These provide a solid foundation for application developers to create great applications. Mac OS X's multithreaded graphics layer handles application windowing, 2D and 3D drawing, animation, and multimedia. Together, the subsystems of the graphics layer provide fast, elegant graphics to the operating system and to your application, making possible cutting-edge user interface features. Internationally Savvy Mac OS X has always been friendly to an international audience. Every major release of Mac OS X ships simultaneously in sixteen languages. To support this capability, Mac OS X provides conversion utilities to manage locales, dates, currencies, and measurement systems in a consistent manner. Mac OS X includes Unicode tools to handle text systems used around the world. And, by packaging an application's executable code, libraries, and resource files into single binary, both internationalized and localized software versions can launch dynamically from a single application icon. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker MAC OS X Hacking Module XXXIV Page | 2749 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Vulnerabilities in MAC OS X Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker MAC OS X Hacking Module XXXIV Page | 2750 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Crafted URL Vulnerability Input validation issue exists in the processing of URL schemes handled by Terminal.app By enticing a user to visit a maliciously crafted web page, an attacker may cause an application to be launched with controlled command line arguments, which may lead to arbitrary code execution This vulnerability affects Apple Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 and v10.5.1, and Mac OS X Server v10.5 and v10.5.1  Crafted URL Vulnerability Source: http://www.kb.cert.org/vuls/id/774345 The way Apple Mac OS X handles specially crafted URLs may allow an attacker to execute arbitrary code. An input validation issue exists in the processing of URL schemes handled by Terminal.app. By enticing a user to visit a maliciously designed web page, an attacker may cause an application to be launched with controlled command line arguments, which may lead to arbitrary code execution. This vulnerability affects Apple Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 and v10.5.1, and Mac OS X Server v10.5 and v10.5.1. A remote, unauthenticated attacker may be able to execute arbitrary code using this vulnerability. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker MAC OS X Hacking Module XXXIV Page | 2751 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited CoreText Uninitialized Pointer Vulnerability Apple Mac OS X CoreText is a framework for handling text on Mac OS X Tiger (10.4) and later Mac OS X CoreText fails to properly initialize pointers, which can cause memory corruption Any application that uses the CoreText framework for handling text is vulnerable By convincing a user to view specially crafted text an attacker can execute arbitrary code or cause a denial of service on a vulnerable system  CoreText Uninitialized Pointer Vulnerability Source: http://www.kb.cert.org/vuls/id/498105 Apple Mac OS X CoreText contains an uninitialized pointer vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Apple Mac OS X CoreText is a framework for handling text on Mac OS X Tiger (10.4) and later. Mac OS X CoreText fails to properly initialize pointers, which can cause memory corruption. Any application that uses the CoreText framework for handling text may be vulnerable. By convincing a user to view specially crafted text, a remote, unauthenticated attacker may be able to execute arbitrary code or cause a denial of service on a vulnerable system. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker MAC OS X Hacking Module XXXIV Page | 2752 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited ImageIO Integer overflow Vulnerability Graphics Interchange Format (GIF) is a popular image format supported by Mac OS X applications ImageIO framework allows applications to read and write various image file formats, including GIF An integer overflow vulnerability exists in the process of handling GIF files By enticing a user to open a maliciously crafted image, an attacker can trigger the overflow, which may lead to an unexpected application termination or arbitrary code execution  ImageIO Integer Overflow Vulnerability Source: http://www.kb.cert.org/vuls/id/559444 Apple's ImageIO framework contains an integer overflow vulnerability that may allow an attacker to execute code on a vulnerable system. The Graphics Interchange Format (GIF) is a popular image format supported by many Apple Mac OS X applications. The ImageIO framework allows applications to read and write various image file formats, including GIF. Integer overflow vulnerability exists in the process of handling GIF files. By enticing a user to open a maliciously- crafted image, an attacker can trigger the overflow, which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of GIF files. This issue does not affect systems prior to Mac OS X v10.4. A remote unauthenticated attacker may be able to execute arbitrary code or cause a denial-of-service condition. The specially crafted GIF file used to exploit this vulnerability may be supplied on a web page, as an email attachment or inside an email, or by some other means to convince the user for opening the malicious file. Solution: Apple has published Mac OS X 10.4.9 for Mac OS X 10.4 (Tiger) systems and Security Update 2007-003 for Mac OS X 10.3 (Panther) systems in response to this issue. . Ethical Hacking and Countermeasures Version 6 Module XXXIV MAC OS X Hacking Ethical Hacking and Countermeasures v6 Module XXXIV: MAC OS X Hacking Exam 312-50. in Mac OS X that can be exploited by attackers. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker MAC OS X Hacking Module XXXIV