Two well-known Mac hackers are updating a widely used hacking toolkit, making it easier to take control of a Macintosh computer.
Over the past few days, the researchers have been quietly adding new software to the Metasploit toolkit, used by security researchers and criminals alike.
Metasploit already supported Mac attacks, but until recently the Mac code hadn't been as good as Metasploit's Windows and Linux tools, said Dino Dai Zovi, an independent security researcher who talked about the new tools with his collaborator Charlie Miller at the CanSecWest conference Friday. "Our goal was to make Mac OS X a first-class target for Metasploit."
Metasploit is an open-source toolkit that makes it easy for hackers to launch a barrage of attacks against a computer system.
Miller and Dai Zovi earned fame in previous years for hacking Macintosh computers at CanSecWest's annual Pwn2Own hacking contest. On Wednesday, Miller, a researcher with Independent Security Evaluators, won $5,000 and a Mac laptop by using a previously unknown Safari vulnerability to hack into a Mac system.
The hack was done before contest organizers. In an interview, Miller said he had hoped to demonstrate it before an audience at CanSecWest, but was prevented from doing so because of Pwn2Own contest rules, which prohibit public discussion of bugs exploited in the contest.
Miller and Dai Zovi say their work is designed to bring attention to serious security problems in the Mac platform, which has largely avoided the wide-scale attacks that have plagued Windows for years. Dai Zovi said he considers the Mac safe, but not secure.
"There's a difference between safety and security," he said. "It's like leaving your door unlocked. ... Leaving your door unlocked is always insecure, but it may or may not be safe."
At the show, the researchers demonstrated several payload programs they have developed for Metasploit, including one called "Pic the Vic," which can be used to snap a photograph of a Mac user who has been hacked, using the computer's camera.
They have also ported a Windows tool, called Meterpreter, to the Mac. Meterpreter is a stealth tool that can be used to gain information from and import more software onto a hacked computer.
In the next few days they plan to add exploit code to Metasploit for a handful of previously patched Mac software bugs. Exploit code must be used to first hack into the computer before any payload software can be installed.
Although there are still many more exploits available for Windows software than for Macs, the new payload code means there is now "more or less the same functionality if you want to target a Mac box or a Windows box," Miller said.
MacVideo Focus Group
We are trying to improve the focus of our sister title MacVideo and to understand our readership a little better. We would like to speak to some video professionals, especially the techies among you, to get your views of the industry. We will pay £50 for participation in our focus group. Click here to volunteer to participate.
Contact Us
Digg
It's easy and free to get the latest news headlines, reviews and opinions straight to your email inbox. Sign up NOW to make sure you receive the latest Mac news, reviews and tutorials on your favourite topics.
Comments received
Ynda said on Fri, 20 Mar 2009
Scary stuff. Does MacWorld have any advice on protection against criminal attacks on our Macs?
Boby-Wan said on Fri, 20 Mar 2009
Yes, it would be nice if you could tell us ways to know when our computers have been hacked and what to do in that case.
I do not understand how can anyone consider those programs anything but threats, seeing that, apparently, they only allow you to hack into another's computer, instead of warning you if you've been hacked (or am I missing something)? These guys only incite others to hack and, what is worst, they give them the means to do it.
Boby-Wan said on Fri, 20 Mar 2009
Also, a guide on how to prevent those hacks would be welcomed. ;)
By the way, I'm talking without really knowing what these guys did and what those programs can do (because I do not dare to go to their web-site) so, if I said something wrong I'd appreciate any corrections. ;)
Thank you for keeping us informed.
Joanna said on Sat, 21 Mar 2009
This is nothing, a new exploit that can hit any system based around Intel CPU's is about to be released:
"Thursday, March 19th, 1600 UTC, we will publish a paper (+ exploits) on exploiting IntelĀ® CPU cache mechanisms. The attack allows for privilege escalation from Ring 0 to the SMM on many recent motherboards with Intel CPUs. Rafal implemented a working exploit with code execution in SMM in a matter of just a few hours."
www.networkworld.com/community/node/39825
Neuromancer said on Mon, 23 Mar 2009
Thinking about a rusty knife to cut some best parts of this guys.if this come in the wild
Disclaimer
Opinions expressed here are those of the writers and do not reflect those of Macworld. Macworld accepts no responsibility legal or otherwise for their accuracy of content.
Click here to read the house rules.
Click here for the latest reader comments