Network Security: Detailed info on Re: Apple pentesting

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Pen-Test

[Top] [All Lists]

Re: Apple pentesting

from [Mike] Network Security

[Permanent Link]

Subject:	Re: Apple pentesting
Date:	Wed, 06 Apr 2005 11:56:20 -0700

At 4/5/2005 08:51 AM, Julian Totzek wrote:

I have to do a pentest in a environment where mac's should be located. Never
tested MacOS somebody have some tips for me? They normally should only be
clients no servers.
Do you know of special tools to test them, or is it possible to test them
with progs like nesuss?

Metasploit (http://www.metasploit.com) has exploits for three different MacOS vulnerabilities:

AppleFileServer LoginExt PathName Overflow
        http://www.metasploit.com/projects/Framework/exploits.html#afp_loginext
Arkeia Backup Client Type 77 Overflow (Mac OS X)
        
http://www.metasploit.com/projects/Framework/exploits.html#arkeia_type77_macos
Samba trans2open Overflow (Mac OS X)
        
http://www.metasploit.com/projects/Framework/exploits.html#samba_trans2open_osx

Any pen testing tools you use for BSD systems should work fairly well against MacOS X machines.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Apple pentesting, Julian Totzek Re: Apple pentesting, Erik Winkler RE: Apple pentesting, Leïth Maamer Re: Apple pentesting, Mike <= RE: Apple pentesting, Todd Towles Re: Apple pentesting, Daniel Re: Apple pentesting, sam f. stover Re: Apple pentesting, Thomas Stromberg Re: Apple pentesting, Thomas Hardly RE: Apple pentesting, Altheide, Cory B. (IARC) RE: Apple pentesting, Todd Towles Re: Apple pentesting, Daniel RE: Apple pentesting, Altheide, Cory B. (IARC) RE: Apple pentesting, Todd Towles

Previous by Date:	RE: Apple pentesting, Todd Towles
Next by Date:	Re: Apple pentesting, Javier Blanque
Previous by Thread:	RE: Apple pentesting, Leïth Maamer
Next by Thread:	RE: Apple pentesting, Todd Towles
Indexes:	[Date] [Thread] [Top] [All Lists]