OSX Malware Development

Printable View

May 17th, 2008, 08:07 PM
d34dl0k1

OSX Malware Development

Has anyone thought about how you would write malware for osx 10.4/5?

Assume you already have a browser exploit for a foothold...

How would you:

- run arbitrary code
- have a persistent installation
- load on boot
- escalate permission
- avoid detection & removal (notrace?)

I have just switched to mac and I realize I don't have a familiarity with how these different points would operate during a system compromise... for instance I would use hijackthis for a persistent installation, but wtf would you use on a mac?

tx
May 17th, 2008, 08:29 PM
brokencrow

I know more about securing OS X than comprimising it, so...check
out this site:

http://www.thexlab.com/faqs/malspyware.html

Rootkits are probably a greater, albeit related, risk to OS X. If I'm
not mistaken chkrootkit run on OS X now:

http://www.chkrootkit.org/

There's also OS X Rootkit Hunter:

http://mac.sofotex.com/download-134331.html

Finally, there's ClamXav for viruses:

http://www.clamxav.com/

HTH.
May 18th, 2008, 05:40 AM
nihil

You might find this site interesting:

http://www.macforensicslab.com/Produ...roducts_id=174

:)

All times are GMT +1. The time now is 02:53 AM.

Powered by vBulletin® Version 4.1.5
Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.