The Hacker's Guide to OS X
eBook - ePub

Exploiting OS X from the Root Up

  1. 248 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android

About This Book

Written by two experienced penetration testers, the material presented discusses the basics of the OS X environment and its vulnerabilities, including but not limited to application porting, virtualization utilization, and offensive tactics at the kernel, OS, and wireless level. This book provides a comprehensive in-depth guide to exploiting and compromising the OS X platform while offering the necessary defense and countermeasure techniques that can be used to stop hackers.

As a resource to the reader, the companion website will provide links from the authors, commentary and updates.

  • Provides relevant information including some of the latest OS X threats
  • Easily accessible to those without any prior OS X experience
  • Useful tips and strategies for exploiting and compromising OS X systems
  • Includes discussion of defensive and countermeasure applications and how to use them
  • Covers mobile iOS vulnerabilities

Frequently asked questions

Yes, you can access The Hacker's Guide to OS X by Alijohn Ghassemlouei, Robert Bathurst, Russ Rogers in PDF and/or ePUB format, as well as other popular books in Computer Science & Cyber Security. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Syngress
Year
2012
ISBN
9781597499545

Chapter 1

Introduction

Information in this chapter:

  • Why You are Reading this Book
  • What is Contained Within this Guide
  • The Path Ahead

Why You are Reading This Book?

The question in the large heading print may make you ask, “Yes, why am I reading The Hackers Guide to Mac OSX?” Perhaps it was the word hackers, perhaps you picked it up at random, or perhaps you own an Apple product and suddenly grew concerned that there might be bad people doing bad things to your precious iSomething. Well, rest assured, reader, that this book does not contain new vulnerabilities, exploits, or chapters of shellcode. The Hackers Guide to Mac OSX is here as a learning tool for students, professionals, and the curious reader to better understand the realm in which they are venturing forth. But why should anyone care about testing the security of a company that commands such a small share of the overall PC market, with less than 15% [1]?
I’m glad you asked. Apple products, in terms of PC market share, are indeed small, but their mobile platforms such as the iPad and iPhone account for commanding portions of the mobile device market, and their PC share continues to grow annually. What this means for us as security professionals is that we will see iOS and OSX use continue to grow in both consumer and business sectors, and we must be able to properly assess the potential vulnerabilities of those systems.

What is Contained Within the Guide?

The Guide contains tools, tips, and techniques from our experiences as professional penetration testers and Apple enthusiasts to help you, the reader, gain a better understanding of the mindset needed to analyze Apple products from a security perspective. While there are many books available on how to think like a penetration tester, hacker, attacker, or generally aggressive person, there is a lack of books bridging the gap between the high level (This is how to turn on an Apple product) and the low level (Look at my awesome 1s and 0s). The following chapter listings have a brief synopsis for each chapter; enjoy.

Chapter 1: The Introduction

You are reading it.

Chapter 2: OS History

The OS History chapter, much like its title suggests, is focused on the history and progression of the various Apple operating systems from OS8 through OSX 10.7. We will walk you through the significance of the legacy operating systems and how they relate to the design choices of the underlying systems such as Cocoa and EFI under the current OSX. In addition, the reader should understand that Apple is releasing its Mountain Lion version of OSX in August of 2012, which includes other changes that could impact the way you use your computer, including changes to the way the OS integrates X11 functionality.

Chapter 3: The Filesystem

In the Filesystem chapter we will cover HFS/HFS+ and how the filesystem provides an abstraction layer to the user. We will also cover the organization of the filesystem, including inodes and file caching.

Chapter 4: Footprinting OSX

Footprinting is a crucial piece of the recon process during a penetration test and offers valuable information such as open ports and OS versions. This information will allow you to narrow your possible payload choices and know when it is possible to use a remote exploit. We will show you how to fingerprint an OSX machine, and what it looks like to industry tools such as Nmap, Nessus, and Metasploit. We will also provide advice on what useful and valuable information to look for in the output.

Chapter 5: Application and System Vulnerabilities

Now we get to the part everyone loves, how and what to break. In this chapter we will take you through targeting applications, how the applications interact with the operating system, exploiting vulnerable applications, code compiling, and much more.

Chapter 6: Defensive Applications

Every good offense needs a good defense, or something like that. While we focus on the weaknesses of the operating system and applications, we must also know what we are facing as the system and users attempt to defend themselves. We will cover FileVault implementation, the built-in OSX firewall, anti-virus suites, kernel security, and pesky things users do to keep themselves safe.

Chapter 7: Offensive Tactics

We showed you how to break what was not meant to be broken; now we sharpen that mentality by showing you how to maintain presence and navigate through the system. This chapter covers modifying the kernel and drivers, command line tools (they help system admins, they help us too), pivoting from Metasploit through an OSX system, and attacker-centric scenarios.

Chapter 8: Reverse Engineering

Reverse Engineering is a complex skill and we will not claim that this chapter will teach you how to be the world’s greatest vulnerability finder, but what we will do is teach you to think about what happens to an application when it has a glitch. We will show you assemblers, compilers, reflectors, and basic fuzzing. If this sounds like we just made up a bunch of words, fear not, they all mean something.

Chapter 9: Mobile Platforms

Everyone loves the iSomething; hordes of people across the globe carry an iOS-based device with them every day and contained on these devices are untold amounts of personal information. We will look at the architecture of iOS, security implications, iOS signing, footprinting, and jailbreaking.

Chapter 10: Tips, Tricks, and the Future

This is the gift for all those who waited, or those of you who just skipped to the end of the book. Contained within these pages is all the information we could not fit into the other chapters, fun projects such as the Hackintosh, and handy reference lists for ports and processes.

The Path Ahead

Now that you are as excited to read this book as we were to write it, we will offer some tips to help you as you move through the text. As you read through this book you will notice helpful tips in the sidebar and notes or references contained in the footer. Taking the time to review and read over these bits of extra information will help you to further understand the concepts we are discussing. We will often reference a website, whitepaper, or book that contains more information on the current topic than we can fit into the pages of the book and recommend browsing those resources should you wish to expand your knowledge.

Reference

1. <http://macdailynews.com/2011/10/12/gartner-apple-mac-grabbed-12-9-share-of-u-s-pc-market-in-q311/>.

Chapter 2

History and Introduction to OSX

As a technical reader, I’ve always managed to devour technical books; often collecting them like some people collect bottle caps. In most of those books there is always a chapter on history, often full of dry, boring material that has limited relevance to the remainder of the book. Because of this, I’ve gotten into a habit of skipping these chapters on a routine basis.
However, with this publication, the history of how Apple came to the point of creating the OS X operating system has tremendous value to the remaining chapters. In the interest of fairness, and to alleviate the painful yawning, I’ve slimmed the content in this chapter down to just those concepts that will be the most useful to you as the reader. While it may be a shorter chapter, it will most certainly carry its value with rich, juicy tidbits of information, instead of the usual bland and boring history lessons we’ve all studied in the ancient textbooks.

OSX Origins

A Byte of History

Since this book is focused on OSX, the following sections will be rather targeted, not repeating the same Apple story we’ve all heard a dozen times. The goal here is not to create Apple zealots or fan boys; it’s to provide relevant information so that you, as the reader, can form well-rounded opinions and decisions regarding the technical work that will be done.
Apple Computers was originally founded by Steve Jobs and Steve Wozniak on April 1st, 1976, when they released the Apple I computer. By 1985, Steve Jobs had been ousted from Apple after a conflict with then CEO, John Sculley. When he left, Jobs founded a new company named NeXT, Inc., which was later split into two and renamed NeXT Computer, Inc. and NeXT Software, Inc. The new companies built computers, and an operating system, called NeXTStep, which was later used to invent the World Wide Web (WWW), by Tim Berners-Lee.
NeXTStep was built on top of a relatively unknown microkernel architecture from Carnegie Mellon University, along with source code from the Berkeley Software Distribution (BSD). The end result was not an actual microkernel, but ended up much closer to the more familiar monolithic kernel most modern operating systems use. So in hindsight, it’s not really a huge surprise that when Apple acquired NeXT in 1997 and brought Steve Jobs back as CEO of the company, Apple began using the NeXTStep operating system as the foundation for what would eventually become the Mac OS X operating system we use today.
There are actually multiple components to the NeXTSTEP kernel itself. The kernel was comprised of version 2.5 of the Mach kernel and components of 4.3BSD, on top of which there was an object-oriented API for writing drivers called Driver Kit. When Apple purchased NeXT, the OS was revamped: the Mach component was upgraded to version 3.0 and code was used from the FreeBSD project to update the BSD sub-system. Driver Kit was also replaced with what is now known as I/O Kit, which is a C++ API for writing drivers. This kernel as it currently stands today is known as XNU. XNU is an acronym which stands for X is not Unix.
While Mach is a microkernel and technically allows running the various kernel responsibilities in separate pro...

Table of contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Forward
  6. Chapter 1. Introduction
  7. Chapter 2. History and Introduction to OSX
  8. Chapter 3. The Filesystem
  9. Chapter 4. Footprinting OSX
  10. Chapter 5. Application and System Vulnerabilities
  11. Chapter 6. Defensive Applications
  12. Chapter 7. Offensive Tactics
  13. Chapter 8. Reverse Engineering
  14. Chapter 9. Mobile Platforms
  15. Chapter 10. Mac OS X Tips and Tricks
  16. Index