[<prev] [next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.44.0310311609160.11573-100000@polar.negation.net>
Date: Fri, 31 Oct 2003 16:26:48 -0500 (EST)
From: Jason Storm <jms@...ergun.org>
To: bugtraq@...urityfocus.com
Subject: Console Root On OSX up to 10.2.8
On all versions of OSX up to and including 10.2.7 and possibly 10.2.8,
init can be crashed using a USB keyboard by holding down CTRL-C
immediately after boot, and keeping it held down.
Init crashes two or three minutes into the boot process and drops you into
a root shell.
At this point, you can of course modify the file system, or selectively
run components of the rc scripts to bring up full OSX functionality
without the GUI layer, which will demand a root password and lock you out
once its spawned successfully.
The 'exploit' is dependant on a USB keyboard being used; it wont work on a
powerbook without a USB keyboard attached, for example.
This was originally reported to Apple in 1998, and I was informed that
this was an 'internal development feature' that would be removed.
Three years later I reported this 'internal development feature' again,
and received no reply at all.
Now that Panther is out and this 'internal development feature' appears to
be resolved (no doubt thanks to the massive reworking of OSX USB code), I
see no reason not to give people a good reason to upgrade by releasing
this info..
peace and blessings,
-Jason Storm
"Only two things can stop an orgy.. and thats dawn, or a bigger orgy
across town."
Powered by blists - more mailing lists