Penetration Testing mailing list archives
Re: Apple pentesting
From: Mike <secfocus () mikesbytes com>
Date: Wed, 06 Apr 2005 11:56:20 -0700
At 4/5/2005 08:51 AM, Julian Totzek wrote:
I have to do a pentest in a environment where mac's should be located. Never tested MacOS somebody have some tips for me? They normally should only be clients no servers. Do you know of special tools to test them, or is it possible to test them with progs like nesuss?
Metasploit (http://www.metasploit.com) has exploits for three different MacOS vulnerabilities:
AppleFileServer LoginExt PathName Overflow http://www.metasploit.com/projects/Framework/exploits.html#afp_loginext Arkeia Backup Client Type 77 Overflow (Mac OS X) http://www.metasploit.com/projects/Framework/exploits.html#arkeia_type77_macos Samba trans2open Overflow (Mac OS X) http://www.metasploit.com/projects/Framework/exploits.html#samba_trans2open_osxAny pen testing tools you use for BSD systems should work fairly well against MacOS X machines.
Current thread:
- Apple pentesting Julian Totzek (Apr 05)
- Re: Apple pentesting Erik Winkler (Apr 05)
- Re: Apple pentesting Mike (Apr 06)
- <Possible follow-ups>
- RE: Apple pentesting Todd Towles (Apr 05)
- Re: Apple pentesting Daniel (Apr 05)
- Re: Apple pentesting sam f. stover (Apr 05)
- Re: Apple pentesting Thomas Stromberg (Apr 05)
- Re: Apple pentesting Thomas Hardly (Apr 06)
- RE: Apple pentesting Altheide, Cory B. (IARC) (Apr 05)
- RE: Apple pentesting Todd Towles (Apr 05)
- Re: Apple pentesting Daniel (Apr 06)
- RE: Apple pentesting Altheide, Cory B. (IARC) (Apr 05)
- RE: Apple pentesting Todd Towles (Apr 06)
(Thread continues...)