SecureMac.com
About SecureMac Advertise Security Consulting Mac Security Store Send Feedback

Site Information
Site Background
Who runs the site
Advertising
Security Consulting
Employment/Jobs
Feedback Form

SecureMac Software
PrivacyScan

 

Mac OS X Security
sudo buffer overflow exploit + fix
Disable Single User Boot Mode
Malevolence - Dumping Passwords
nidump security
Startup Security - Open Firmware Password Protection

Mac OS X Network Security
SAINT
Secure FTP Wrapper
Ettercap - sniffer interceptor logger
Snort - Network Intrusion Detection System
SSH Admin
SSH Helper
xnu - enable MAC Address spoofing


Mac OS X Virus

Mac OS X Firewalls
Firewalk Firewall Utility
NetBarrier X

Mac OS X App Sec.

Mac OS X Encryption
LittleSecrets
GPGMail - PGP Functionality

Mac OS X DoS

SecureMac Library
Mac Cable Modem Security
Mac Security Auditing
Mac OS X Security Understanding
Mac OS X Security Second Lessons
Mac OS X Security Third Lesson
Mac OS X Single User Mode Root Access
Mac OS X Shareware Firewalls
Mac OS X Secure Installation
Cable & DSL Connections - Security Measures
Better Safe than Sorry
Apple.com Security Resources
Marketing Macintosh Security Programs

Mac OS X USB Keyboard Root Access

Advisory Title: USB Keyboard Init Crash -> Root Access
Release Date: 2003 October 31
Affected Products: Mac OS X 10.2.7 and prior (possibly 10.2.8)
Severity: Moderate
Impact: Root Access
Where: Local System
Author: Jason Storm (jms@lasergun.org)

VULNERABILITY
With access to a USB Keyboard connected to the computer running Mac OS X 10.2.7 and prior (and possibly 10.2.8) the user can hold down control-c during startup to be dropped to the administrative full controlling root shell prompt due to init crashing.

init will crash within three minutes into the booting process and will drop you into a root shell. With access to the root shell there is full control over the system including deleting and modifying files that are critical to the system.

Jason notes that this security bug in the system is dependant on the USB keyboard being used and it will work with G3 powerbook with a external USB keyboard attached to it.

Internal Development Feature
The bug was origionally presented to Apple in 1998 but was told it was a 'internal development feature' that would be removed and was reported later on it was still present but wasn't removed. This bug or 'feature' is not present in Mac OS X Panther with the documented control-c bootup process.

Included is a copy of the e-mail submited to us and bugtraq.


Interact:
Could not connect