Salonen hopes that the tool will be of use to authorized penetration testers who wish to quickly grab passwords in a post-system-compromise scenario. What sets keychaindump apart from other possible root-level password stealing methods is the speed and ease with which it can achieve its goal. "And, as most developers know, root can do *anything*." ![]() "What I described was not a security vulnerability in OS X, as it requires root access to begin with," Salonen said Thursday via email. "News flash, root can also format your hard drive, news at 11," renowned Apple hacker Charlie Miller said on Twitter when learning about Salonen's tool. After all, it's a well known fact that you can do pretty much anything on an operating system from the root (administrator) account. This is not necessarily a bad design decision and implementing the keychain access mechanism in a different manner - for example, by asking the user to input their keychain password every time when an application needs to access keychain data - wouldn't have ultimately impacted the ability of attackers with root access to steal keychain data.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |