Penetration Testing mailing list archives
Re: [PEN-TEST] MacOS-9
From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>
Date: Mon, 23 Oct 2000 16:52:48 -0400
On Sat, 21 Oct 2000, Derrick Lewis wrote:
I have been asked to test a system that is running MacOS-9. From what I know of (through checking the "wall closets" on my way out) they have a Cisco PIX-520 Firewall with a DMZ setup... Does anyone have any experience with penetrating Mac systems or can anyone point me to any resources that might assist me? Thank you.
most macos systems don't listen on any ports. however, their client software (ie web browsers) are often littered with bugs. i suggest you look at abusing, say, the brown orifice hole or something similar to create a method of entry. furthermore, the macos recently could be used to amplify DoS attacks when specially crafted. not exactly a penetration of a macos system, but it could use the system to assist in an attack (say take down a key server and spoof it with your own data; an NIS server comes to mind). jose nazario jose () biochemistry cwru edu PGP fingerprint: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 Public key available at http://biocserver.cwru.edu/~jose/pgp-key.asc
Current thread:
- [PEN-TEST] MacOS-9 Derrick Lewis (Oct 24)
- Re: [PEN-TEST] MacOS-9 Jose Nazario (Oct 24)
- Re: [PEN-TEST] MacOS-9 Riley Hassell (Oct 24)
- Re: [PEN-TEST] MacOS-9 cdowns (Oct 25)
- Re: [PEN-TEST] MacOS-9 Jev (Oct 25)
- Re: [PEN-TEST] MacOS-9 Eric Thomas Black (Oct 25)
- <Possible follow-ups>
- Re: [PEN-TEST] MacOS-9 Carskadden, Rush (Oct 24)