• Save
Presentation mac os x security
Upcoming SlideShare
Loading in...5
×
 

Presentation mac os x security

on

  • 666 views

 

Statistics

Views

Total Views
666
Views on SlideShare
666
Embed Views
0

Actions

Likes
0
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Presentation mac os x security Presentation mac os x security Presentation Transcript

  • MAC OS X in security 10 - 27 - 2011
  • Who am I?just an ordinary engineer
  • Me??an Engineer by heart, a Researcher by nightcommon human with extra ordinary stuff in myheadeasy go, easy left
  • cat /etc/personhandle orign : Reza Jalalddin Al-harohnick : ask google, or stay away from mefollow me at twitter.com/rezajalalbin/bash3.2# locate reza
  • Why Mac OS X?64 bit native operating systemquick primer in unix / BSDthe multi-user nature of unix systemthe unix file system and associated permissionmodelthe way unix provide network servicelets you have your cake and eat it too
  • how to install unix tools apple didn’t include with OS X? macports > www.macports.org homebrew > mxcl.github.com/homebrew/ requirement : Xcode with X11
  • mac for scanning network whois robtex.com nmap -A -T 5 -v -sV xxx.xxx.xxx.xxx
  • DEMO
  • high risk social engineering in action intruders : mac os x 10.7.1 target : windows 7 SP 1 32 bit exploit : signet applet social engineering code exec Microsoft windows UAC protection bypass
  • DEMO
  • intelligence and forensic gathering maltego from paterva
  • DEMO
  • how to hide ur ass in interneta distribute anonymous system “TOR”
  • DEMO
  • MAC OS X lion in the wildfounder patrick dunstan > http://www.defenceindepth.netseptember 2011Lion provides non root-user the ability to stillview password hash data by extracting fromdirectory serviceencrypt by OS X LION hashes (SHA512 + 4bytes salt)
  • MAC OS X lion in the wilddirectory service command line utility dscl localhost -read /Search/Users/c0r3 dsAttrTypeNative:ShadowHashData:hard to bruteforce or decrypt dscl localhost -passwd /Search/Users/c0r3
  • DEMO
  • thanks