advertisement

Article:
  Mac Security: Identifying Changes to the File System
Subject:   Mac OS X Rootkits
Date:   2005-10-12 16:38:18
From:   hard-mac
Response to: Mac OS X Rootkits

Opener never was a rootkit, very correct. Just a small POC to show what could happen on the OSX platform. It doesn't have to be installed locally as you say. NetCat was included because OS X never used to have a copy and the version it includes currently is still crippled.


peterhickman wrote: "So to install a rootkit to give you root access to a system you require root access, deeply flawed in my mind."


This is what a rootkit is, it is designed to keep root access on a box once you have it already. Not to get root, other exploits are used for this.



peterhickman wrote: "One day there will be a credible rootkit for OS X, but today I am not too worried."



As for real rootkits, Togroot is a pretty sad example. Have you looked at WeaponX yet. It's fairly powerful.


Cheers, hard-mac


Hardening Your Macintosh
http://members.lycos.co.uk/hardapple/




1 to 1 of 1
  1. Mac OS X Rootkits
    2005-10-13 13:58:41  peterhickman [View]

1 to 1 of 1