In my last post about Mac OS X I talked about someone who asked hackers to try the security of his Mac mini and discovered that it had been compromised in 6 hours. But what I didn’t tell is that he allowed anyone to create an account in his system, from which a local exploit was probably used to gain superuser access.
Usually, local exploits are easier to find and give you full access to the system, so having an account in that computer made the challenge much easier. It’s not very normal to find a server connected to Internet where anyone can login and create his own account.
Another owner of a Mac mini has decided to try this again, but this time not allowing the creation of local accounts. The server is located at the University of Wisconsin and the instructions are at Mac OS X Security Challenge. Will anyone be able to hack into this system and modify the webpage? Maybe or maybe not, but at least, this is a more realistic scenario than the other contest.
From | Netsec
0 Responses to “More contests to hack Mac OS X”