Re: Apple pentesting

[Thomas Hardly <hardmac () gmail com>]

Hi Julian,

You might be inetersted in some of the info on my little site
(http://members.lycos.co.uk/hardapple/ ) . I have information on OSX
exploits,  vulns, pentestsings and more. The Metasploit framework has
a couple OSX exploits also.

OSX has had numerous typical unix problems. And are getting rooted
more and more these days as crackers start looking at them more. Take
a read of the recent "OSX Zombie" post from the From CLIXchange, the
newsletter of the developers of CLIX. (
http://members.lycos.co.uk/hardapple/txt/OSX_Zombies.txt )


Cheers,
Thomas Hardly




On Apr 5, 2005 10:47 AM, Todd Towles <toddtowles () brookshires com> wrote:
> Nessus does work against Macs, the problem with testing Macs is they
> never released vulnerability statements..never. If a hole is found,
> Apple releases a patch and no ones says anything. If Microsoft did
> this..everyone would go crazy.
>
> > -----Original Message-----
> > From: Julian Totzek [mailto:julian.totzek () bristol de]
> > Sent: Tuesday, April 05, 2005 10:51 AM
> > To: pen-test () securityfocus com
> > Subject: Apple pentesting
> >
> > Hi Guys,
> >
> > I have to do a pentest in a environment where mac's should be
> > located. Never tested MacOS somebody have some tips for me?
> > They normally should only be clients no servers.
> > Do you know of special tools to test them, or is it possible
> > to test them with progs like nesuss?
> >
> > Cheers
> > Julian
> >
> >
> > ------------------------------
> > email scanned
> > filename: mailbody --> clean
> > SCANMODULE: Ikarus vdb: 05.04.2005(66449) version: 0.2.57.0
> > ------------------------------


-- 
     ..o:   It's 12 o'clock - do you know where your data is?   :o...
-------------------------------------------------------------------------------------------
Hardening Your Macintosh - http://members.lycos.co.uk/hardapple/
MacSecurity.org - http://www.macsecurity.org

pgp key fingerprint: 0F02 99D5 1D23 E445 22C9 9C90 8F24 FDBA B618 33C4