SecuriTeam.com has published a paper that outlines PowerPC architecture fundamentals, and methods of deriving working shellcodes for the exploitation of vulnerabilities discovered on the OSX and Darwin Operating Systems.
The paper covers the principles used to develop shellcodes intended for use in the exploitation of vulnerabilities discovered within Mac OS X. It assumes a basic understanding of the C language, its associated vulnerabilities and Assembly language on the Intel IA32 and PowerPC architectures.
All the examples used throughout the document were written within Mac OS X 10.2.6.
The team's conclusion:
"With the majority of exploit code being released for the IA32 architecture, it is important to realise that the same vulnerable software is regularly being installed on the PowerPC platform. With Darwin being based on FreeBSD a lot of third party applications will compile easily on the PowerPC architecture. Projects like Opendarwin and Fink, which port existing Unix applications to the OSX / Darwin Operating System, could render a machine open to compromise if an attacker can write the specific shellcodes required to exploit a vulnerable application."
The paper can be found at http://www.securiteam.com/securityreviews/5HP040KB5S.html.
What did they use to say on NYPD Blue? Be careful out there!
Jim Gibbs
Fink-devel mailing list https://lists.sourceforge.net/lists/listinfo/fink-devel