Posts tagged Apple

6 min Linux

Bash-ing Into Your Network & Investigating CVE-2014-6271

[UPDATE September 29, 2014: Since our last update on this blog post, four new CVEs that track ShellShock/bash bug-related issues have been announced. A new patch [http://lcamtuf.blogspot.com/2014/09/bash-bug-apply-unofficial-patch-now.html] was released on Saturday September 27 that addressed the more critical CVEs (CVE-2014-6277 and CVE-2014-6278). In sum: If you applied the ShellShock-related patches before Saturday September 27, you likely need to apply this new patch [http://lcamtuf.blogspo

5 min Apple

Weekly Metasploit Update: Apple, GDB, and Dogecoin

Apple TV Tricks This week, we have three new auxiliary modules that facilitate taking over Apple TV devices, all from community contributor 0a2940 [https://twitter.com/0a29], with help from Wei sinn3r [https://twitter.com/_sinn3r] Chen and Dave TheLightCosine [https://twitter.com/TheLightCosine] Maloney. Why Apple TV? Well, for starters, we already have modules for Google's Chromecast, a similar chunk of consumer hardware, and we didn't want Google to think we were picking on them. Secondly,

3 min Metasploit

Federal Friday - 7.18.14 - Mobile Movement

Happy Friday, Federal friends! The Midsummer classic is behind us which means we're heading into the dog-days of summer. I hope you all have some nice quality time planned with your families so you can get out and enjoy the weather, especially with the Winter and "Spring" we just went through. There was a big announcement [http://fcw.com/articles/2014/07/16/apple-ibm-deal.aspx] earlier this week regarding two titans of the tech industry that will have direct impact on several verticals, includi

2 min Android

Weekly Metasploit Update: Zeroing in on Mobile

The Android Exploit Mixin This week, Rapid7's Joe Vennix [https://twitter.com/joevennix] refactored our tried and true methods for exploiting the addJavascriptInterface vulnerability [http://www.rapid7.com/db/modules/exploit/android/browser/webview_addjavascriptinterface] , which happens to be present on a ton of consumer Android devices and Google Play store-approved apps, which means a couple things for Android exploit developers. First, there's now a testable library for adding new and exciti

3 min Apple

Metasploit Weekly Update: There's a Bug In Your Brain

Running Malicious Code in Safari The most fun module this week, in my humble opinion, is from Rapid7's own Javascript Dementor, Joe Vennix [https://twitter.com/joevennix]. Joe wrote up this crafty implementation of a Safari User-Assisted Download and Run Attack [http://www.metasploit.com/modules/exploit/osx/browser/safari_user_assisted_download_launch] , which is not technically a vulnerability or a bug or anything -- it's a feature that ends up being a kind of a huge risk. Here's how it goes:

4 min Apple

12 Days of HaXmas: Apple Safari Makes Password Stealing Fun and Easy? Yes, Please!

This post is the second in a series, 12 Days of HaXmas, where we take a look at some of more notable advancements in the Metasploit Framework over the course of 2013. If you are reading this blog post, I reckon you are somewhat a geeky security person, and you use some sort of application like KeyPass [http://keepass.info/] , Keychain [http://www.apple.com/support/icloud/keychain/], LastPass [https://lastpass.com/], etc, to manage your passwords. After all, we all know too well password stealin

1 min Android

Federal Friday - 12.20.13 - Deck the Halls Edition

'Tis the season to be jolly! Happy Holidays everyone! While it's amazing that Christmas is next week, it's not amazing how much shopping I still need to do (shh, don't tell my wife). Being that the season of gift giving is here it make sense to highlight a major request on many a letter to Santa Claus. Mobile devices! The focus this year, as in recent years, has been on the latest smartphones and tablets.There have been a few article put out this week regarding some of the security capabilitie

4 min Android

National Cyber Security Awareness Month: Keeping Mobile Devices Safe

To mark National Cyber Security Awareness Month, we're trying to help you educate your users on security risks and how to protect themselves, and by extension your organization. Every week in October we'll provide a short primer email on a different topic relating to user risk. The idea is that you can copy and paste it into an email and send it around your organization to promote better security awareness among your users.  The first post was on phishing [/2013/10/02/national-cyber-security-awa

2 min Apple

Federal Friday - 9.13.13 - Apple's Touch ID Release

Welcome to another edition of Federal Friday! It's been a busy week around here with 2 FISMA presentations earlier in the week and the ongoing effort to close out FY13 on 9/30. Plus the world came to a technological halt this week with the usual fervor surrounding your typical Apple event [http://www.idigitaltimes.com/articles/19853/20130910/iphone-5s-apple-event-september-2013-recap.htm] that was held on 9/10. This time the event centered around the upcoming iPhone release which featured th

4 min Product Updates

Weekly Update: Meterpreter Updates, VMWare, the OSX spycam, Retabbing, and more!

Meterpreter Updates This is a big week for Meterpreter. For starters, we've landed a new Meterpreter Python payload [https://github.com/rapid7/metasploit-framework/blob/master/modules/payloads/stages/python/meterpreter.rb] . Yes, yes, I know, you thought that Metasploit was all Ruby all the time, but this and the Python payloads for bind shells from Spencer McIntyre [https://github.com/zeroSteiner] should help out on advancing the state of Meterpreter by leaps and bounds. Despite Metasploit's m

3 min Product Updates

Weekly Update: Apple OSX Privilege Escalation

Sudo password bypass on OSX This week's update includes a nifty local exploit for OSX, the sudo bug described in CVE-2013-1775. We don't have nearly enough of these Apple desktop exploits, and it's always useful to disabuse the Apple-based cool-kids web app developer crowd of the notion that their computing platform of choice is bulletproof. Joe Vennix [https://github.com/jvennix-r7], the principle author of this module, is, in fact, of that very same Apple-based developer crowd, and usually bu

5 min Apple

Abusing Safari's webarchive file format

tldr: For now, don't open .webarchive files, and check the Metasploit module, Apple Safari .webarchive File Format UXSS [https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/apple_safari_webarchive_uxss.rb] Safari's webarchive format saves all the resources in a web page - images, scripts, stylesheets - into a single file. A flaw exists in the security model behind webarchives that allows us to execute script in the context of any domain (a Universal Cross-site S

3 min Metasploit

Mobile Pwning: Using Metasploit on iOS

Have you ever wanted to run an exploit but found yourself away from your desk? Wouldn't it be awesome if you could launch a full version of the Metasploit Framework from your phone or tablet? As you might have guessed, now you can. With an adventurous spirit and a few commands, you can be running the Metasploit Framework on your iPad or iPhone in just a few short minutes. Warning: To install Metasploit, you'll need root access to your device – which is accomplished by following your favorite ja

1 min IT Ops

iPhone notifications

If something is seriously broken in your application, you want to know about it immediately. But you can’t study your logs all the time – you have better thing to do (like coding right…). That’s why Logentries provides real-time alerts through both email and HTTP. And by real-time, we mean ‘real-time’ not 15 minutes later. Today, we bring real-time to a completely new level. We are happy to announce the availability of our iPhone application for receiving Logentries alerts [https://logentries.

1 min Apple

Apple OS X Java Woes

Oracle recently announced that they would provide stand alone updates in the future for Java Runtime Environment for Mac users. Many people including myself were excited when we heard the news, but..... so far this hasn't happened. Mac OS X users including yours truly are once again behind Oracle's recommended version. Apple last patched Java on OS X when they released Java 6 Update 31 on April 3rd, which had critical bug fixes on related to Flashback malware. Oracle then released Java 6 Update