Linked by Thom Holwerda on Mon 6th Mar 2006 21:59 UTC, submitted by crispoe
Mac OS X "In response to the woefully misleading ZDnet article, 'Mac OS X hacked under 30 minutes', the academic Mac OS X Security Challenge has been launched. The ZDnet article, and almost all of the coverage of it, failed to mention a very critical point: anyone who wished it was given a local account on the machine (which could be accessed via ssh). The challenge is as follows: simply alter the web page on this machine, test.doit.wisc.edu. The machine is a Mac mini (PowerPC) running Mac OS X 10.4.5 with Security Update 2006-001, has two local accounts, and has ssh and http open - a lot more than most Mac OS X machines will ever have open."
Permalink for comment 102032
To read all comments associated with this story, please click here.
RE[3]: local account
by anduril on Tue 7th Mar 2006 00:58 UTC in reply to "RE[2]: local account"
anduril
Member since:
2005-11-11

You truely are dillusional. Rootkits exist for Unix/Linux/OSX just as well as they exist for Windows. If you're in the right circles, you'll have easy access to them.

Also, the point of a rootkit is to make detection difficult if not impossible in some situations. The same, suprise suprise, can happen in Unix. In fact, rootkits existed on Unix before Windows. Hmm.

So to your final point, if Im in user mode in Windows XP (which I am) show me the simple command to take root and take down the kernel. Other than Ctrl+Alt+Del which doesn't give you root access.

Reply Parent Score: 4