As it did last year, the annual Black Hat security conference in Las Vegas will feature a full class on hacking Mac OS X, Mach and Objective-C apps and tools, as well as native Cocoa applications.
The two-day Macsploitation training class will be taught by Italian student and security consultant Vincenzo Iozzo and professional security analyst Dino Dai Zovi, the author of The Mac Hacker’s Handbook.
The second day of the course covers exploitation of security vulnerabilities, covering debugging, exploitation vectors, and payloads. Students will use gdb, IDA Pro, and BinNavi to dynamically examine rich applications and debug exploitation of stack and heap memory corruption vulnerabilities. After students have learned hands-on how to exploit these vulnerabilities, the course will cover OS X payloads and payload techniques. The exploitation labs will be complementary so that students develop their own payloads for their exploit of a vulnerability in a demonstration web browser plugin.
Nice. No, I kid! These guys are helping to keep the Mac safe (we all hope and pray). And the cost isn’t cheap, preregistration is $2,000.
Besides bringing a Mac to the conference, attendees will need Vmware Fusion (or equivalent) loaded with a copy of Windows XP loaded, a copy of the IDA Pro disassembler, and Apple’s Xcode tools package (it’s an additional install on every Mac). The instructors also suggest a copy of zynamics’ BinNavi reverse engineering tool with GdbAgent, but that isn’t mandatory.
The community can look forward to more Mac security watchers.
At the same time, the state of Mac security continues to much better than that of Windows. It’s something that most switchers to the Mac remark upon.
The last update of Mac OS X Snow Leopard (v10.6.6) in January had only one security fix, a vulnerability with Software Update. On the other hand, Microsoft’s February Patch Tuesday fixed some 22 vulnerabilities and Microsoft expects to release 3 security bulletins in March to cover 4 serious holes in its OSes.
