Posts tagged Pwn2own

O Dino Dai Zovi, mais conhecido pela sua participação nos concursos PWN2OWN, em que quebrou a segurança a segurança do Mac OS X, vai dar um conjunto de apresentações na BlackHat 2009, nos EUA, em que vai falar de técnicas de desenvolvimento de rootkits para Mac OS X, assim como usar o Metasploit para explorar igualmente vulnerabilidades na plataforma Mac OS X.

DINO DAI ZOVI
Advanced Mac OS X Rootkits
The Mac OS X kernel (xnu) is a hybrid BSD and Mach kernel. While Unix-oriented rootkit techniques are pretty well known, Mach-based rootkit techniques have not been as thoroughly publicly explored. This presentation will cover a variety of rootkit techniques for both user-space and kernel-space rootkits using unique and poorly understood or documented Mac OS X and Mach features.
Macsploitation with Metasploit
While Metasploit has had a number of Mac exploits for several years, the exploit payloads available have done little more than give a remote shell. These payloads are significantly simpler than the DLL-injection based payloads for Windows-based targets like the Meterpreter and VNC Inject payloads. This talk will cover the development and use of the fancier Metasploit Mac payloads developed by Dino Dai Zovi (the presenter) and Charlie Miller, including bundle injection, iSight photo capture, and Macterpreter.

Deverão ser duas apresentações muito interessantes…