Penetration Testing mailing list archives

Re: [PEN-TEST] MacOS-9

From: Riley Hassell <riley () SPEAKEASY NET>
Date: Mon, 23 Oct 2000 16:01:21 -0700

You probably want to focus on brute forcing appletalk logins. Unless
of course their are other services enabled.

Your next avenue of attack might be java/javascript via browser or
email client.

Keep in mind their is no shell, you might be able to exploit a
vulnerability in an email client to execute an applescript via
java/javascript.


Riley Hassell
Network Security Consultant
riley () speakeasy org



On Sat, 21 Oct 2000, Derrick Lewis wrote:

I have been asked to test a system that is running MacOS-9. From what I
know of (through checking the "wall closets" on my way out) they have a
Cisco PIX-520 Firewall with a DMZ setup... Does anyone have any experience
with penetrating Mac systems or can anyone point me to any resources that
might assist me? Thank you.

--
Derrick Lewis                           LinuxSecurity.com
Assistant Site Manager        "The Linux Community's Center for Security."
(201) 934-9230                            http://www.linuxsecurity.com
dlewis () linuxsecurity com

Current thread:

[PEN-TEST] MacOS-9 Derrick Lewis (Oct 24)
- Re: [PEN-TEST] MacOS-9 Jose Nazario (Oct 24)
- Re: [PEN-TEST] MacOS-9 Riley Hassell (Oct 24)
- Re: [PEN-TEST] MacOS-9 cdowns (Oct 25)
- Re: [PEN-TEST] MacOS-9 Jev (Oct 25)
- Re: [PEN-TEST] MacOS-9 Eric Thomas Black (Oct 25)
- <Possible follow-ups>
- Re: [PEN-TEST] MacOS-9 Carskadden, Rush (Oct 24)