ch20.htm

来自「Maximum Security (First Edition) 网络安全 英文」· HTM 代码 · 共 1,184 行 · 第 1/4 页

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>

<HEAD>
	
	<TITLE>Maximum Security -- Ch 20 -- Macintosh</TITLE>
</HEAD>

<BODY TEXT="#000000" BGCOLOR="#FFFFFF">

<CENTER>
<H1><IMG SRC="../button/samsnet.gif" WIDTH="171" HEIGHT="66" ALIGN="BOTTOM" BORDER="0"><BR>
<FONT COLOR="#000077">Maximum Security: </FONT></H1>
</CENTER>
<CENTER>
<H2><FONT COLOR="#000077">A Hacker's Guide to Protecting Your Internet Site and Network</FONT></H2>
</CENTER>
<CENTER>
<P><A HREF="../ch19/ch19.htm"><IMG SRC="../button/previous.gif" WIDTH="128" HEIGHT="28"
ALIGN="BOTTOM" ALT="Previous chapter" BORDER="0"></A><A HREF="../ch21/ch21.htm"><IMG
SRC="../button/next.gif" WIDTH="128" HEIGHT="28" ALIGN="BOTTOM" ALT="Next chapter"
BORDER="0"></A><A HREF="../index.htm"><IMG SRC="../button/contents.gif" WIDTH="128"
HEIGHT="28" ALIGN="BOTTOM" ALT="Contents" BORDER="0"></A> 
<HR>

</CENTER>
<CENTER>
<H1><FONT COLOR="#000077">20</FONT></H1>
</CENTER>
<CENTER>
<H1><FONT COLOR="#000077">Macintosh</FONT></H1>
</CENTER>
<P>The Macintosh platform is not traditionally known for being a cracking platform.
It is far more suited to hacking. Programming for the Mac is every bit as challenging
as programming for any other environment. Knowledge of C is generally a requisite.
For that reason, hacking on the Mac platform can be fun (and occasionally frustrating).
<I>Cracking</I> (with respect to the Internet anyway) on the Mac platform, however,
is another matter entirely.</P>
<P>First, early TCP/IP implementations on the Mac platform were primarily client
oriented. Many server packages do now exist for the Mac, but until recently, TCP/IP
was not what I would call an &quot;integrated&quot; part of the traditional MacOS.
Today, the situation is vastly different. The advancement of integrated TCP/IP in
the MacOS has grown tremendously.</P>
<P>Apple has taken special steps to ensure that the MacOS TCP/IP support is superb.
These efforts have manifested through the development of Open Transport technology.
Open Transport is an implementation that provides high-level control at the network
level. For example, Open Transport allows multiple, simultaneous TCP/IP connections,
the number of which is limited only by memory and processor power. Inherent within
the system is automated flow control, which detects the need for fragmentation of
IP datagrams. That means when a network segment is encountered that cannot handle
large packets, Open Transport automatically reverts to fragmentation.</P>
<P>Open Transport has completely integrated MacOS with both TCP/IP and AppleTalk,
making it one of the most flexible networking implementations currently available.
It now comes stock in System 7.5.3 and above.


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>Cross Reference:</B></FONT><B> </B>You can get libraries,
	include files, and utilities for the Mac platform, as you'll learn later in this
	chapter. Some great sources, though, can be found at <A HREF="http://www.metrowerks.com/tcpip/lib/c-libs.html"><TT>http://www.metrowerks.com/tcpip/lib/c-libs.html</TT></A>.
	These sources include real-life examples of Mac TCP/IP programming, complete with
	C source code.</P>
	<P>Many examples for those programming in C++ are also available. Find them online
	at <TT>http://www.metrowerks.com/tcpip/lib/cpp-libs.html</TT>.<BR>
	Pascal gurus can find Mac TCP/IP source and libraries at <A HREF="http://www.metrowerks.com/tcpip/lib/pascal-libs.html"><TT>http://www.metrowerks.com/tcpip/lib/pascal-libs.html</TT></A>.
	
<HR>


</BLOCKQUOTE>

<P>Programming on the Mac is a challenge. However, most Macintosh users are not so
intensely preoccupied with the inner workings of their operating system as users
of UNIX systems or even IBM compatibles. The reason has nothing to do with the level
of proficiency of Mac users. It has to do with the design of the MacOS itself. The
MacOS was conceived with ease of use in mind. Many tasks that are grueling under
other operating systems are only a click away on the modern Macintosh. Take, for
example, getting connected to the Internet. Only in the last few years have UNIX
systems made this process simple. Prior to that, many different files had to be edited
correctly and the user had to have some knowledge of UUCP. In contrast, the Mac user
is rarely confronted with special configuration problems that call for tweaking the
operating system. Therefore, there are few Mac Internet crackers.</P>
<P>For those planning to use the Macintosh platform for hacking or cracking, however,
there are plenty of resources. For programming, there are a staggering number of
choices beyond the traditional C that you normally associate with Mac development.
Some of these are ports of languages from other platforms and others are development
tools written specifically for the Macintosh. Unfortunately, there are not yet as
many free tools for use on Macs as there are for other platforms.</P>
<P>Nevertheless, Mac users take a lot of abuse on the Internet. Users who enjoy other
platforms often make fun of Mac users, telling them to get a &quot;real&quot; operating
system. Well, before we get into what tools are available for cracking on a Mac,
I would like to take a moment to offer the Mac community a little vindication. First
of all, the number of development tools available for Macintosh is staggering. Rather
than list them all here, I have picked a few interesting ones. They are listed in
Table 20.1.
<H4><FONT COLOR="#000077"><B>Table 20.1. Interesting Mac development tools.</B></FONT></H4>
<P>
<TABLE BORDER="1">
	<TR ALIGN="LEFT" rowspan="1">
		<TD ALIGN="LEFT" VALIGN="TOP"><I>Tool</I></TD>
		<TD ALIGN="LEFT" VALIGN="TOP"><I>Description</I></TD>
	</TR>
	<TR ALIGN="LEFT" rowspan="1">
		<TD ALIGN="LEFT" VALIGN="TOP">Prograph CPX</TD>
		<TD ALIGN="LEFT" VALIGN="TOP">An awesome, object-oriented tool by Pictorius that allows complex manipulation of
			data structures through an entirely visual interface. It works through the use of
			visualization of data flow. It allows you to seamlessly integrate code previously
			written in C. Moreover, it will soon include cross-platform support. Check it out
			at <A HREF="http://192.219.29.95/home.html"><TT>http://192.219.29.95/home.html</TT></A>.</TD>
	</TR>
	<TR ALIGN="LEFT" rowspan="1">
		<TD ALIGN="LEFT" VALIGN="TOP">Mac Common LISP</TD>
		<TD ALIGN="LEFT" VALIGN="TOP">The MCL development environment by Digitool, Inc. It gives you true object-oriented
			development with perhaps the most powerful object-oriented language currently available.
			Distributions are available for both 68K and PPC (Power PC). You can get a full-featured
			evaluation version at <A HREF="http://www.digitool.com/MCL-demo-version.html"><TT>http://www.digitool.com/MCL-demo-version.html</TT></A>.</TD>
	</TR>
	<TR ALIGN="LEFT" rowspan="1">
		<TD ALIGN="LEFT" VALIGN="TOP">Dylan</TD>
		<TD ALIGN="LEFT" VALIGN="TOP">Dylan is a special object-oriented language that was developed primarily from efforts
			at Apple. There are many benefits to this new and curious language, the most incredible
			of which is automatic memory management. Memory management has traditionally been
			a problem to be addressed by the programmer. Not any more. There are a number of
			free compilers for Dylan, including but not limited to Thomas (witty name), which
			is located at <A HREF="http://www.idiom.com/free-compilers/TOOL/Dylan-1.html"><TT>http://www.idiom.com/free-compilers/TOOL/Dylan-1.html</TT></A>.</TD>
	</TR>
</TABLE>
</P>
<P>In addition to these, there are many interesting (traditional and nontraditional)
development tools for Mac, including the following:

<UL>
	<LI>GNU C and C++ (<A HREF="ftp://ftp.cs.purdue.edu/pub/gb/"><TT>ftp://ftp.cs.purdue.edu/pub/gb/</TT></A>)<BR>
	<BR>
	
	<LI>Perl (<A HREF="http://mors.gsfc.nasa.gov/MacPerl.html"><TT>http://mors.gsfc.nasa.gov/MacPerl.html</TT></A><TT>)</TT>
</UL>

<H2><FONT COLOR="#000077"><B>Password Crackers and Related Utilities</B></FONT></H2>
<P>The utilities described in the following sections are popular password crackers
or related utilities for use on Macintosh. Some are made specifically to attack Mac-oriented
files. Others are designed to crack UNIX password files. This is not an exhaustive
list, but rather a sample of the more interesting tools freely available on the Internet.
<H3><FONT COLOR="#000077"><B>PassFinder</B></FONT></H3>
<P>PassFinder is a password cracking utility used to crack the administrator password
on FirstClass systems. This is an important utility. The program suite FirstClass
is a gateway system, commonly used for serving e-mail, UUCP, and even news (NNTP).
In essence, FirstClass (which can be found at <A HREF="http://www.softarc.com/"><TT>http://www.softarc.com/</TT></A>)
is a total solution for mail, news, and many other types of TCP/IP-based communication
systems. It is a popular system on the MacOS platform. (It even has support for Gopher
servers and FTP and can be used to operate a full-fledged BBS.) Because FirstClass
servers exist not only on outbound Internet networks, but also on intranets, PassFinder
is a critical tool. By cracking the administrator password, a user can seize control
of the system's incoming and outgoing electronic communications. (However, this must
be done on the local machine. That is, the user must have access to the console of
the instant machine. This is not a remote cracking utility.)


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>Cross Reference:</B></FONT><B> </B>PassFinder is available
	at <A HREF="http://www.yatho.com/weasel/files/PassFinder.sit.bin"><TT>http://www.yatho.com/weasel/files/PassFinder.sit.bin</TT></A>.
	
<HR>
</P>
	<P>
<HR>
<FONT COLOR="#000077"><B>TIP:</B></FONT><B> </B>Apparently, FirstClass 2.7 does not
	provide a facility for recording or logging IP addresses. (Reportedly, this simple
	hole exists in earlier versions.) Therefore, an attack on such a server can be performed
	in a fairly liberal fashion. 
<HR>


</BLOCKQUOTE>

<H3><FONT COLOR="#000077"><B>FirstClass Thrash!</B></FONT></H3>
<P>This is an interesting collection of utilities, primarily designed for the purpose
of conducting warfare over (or against) a FirstClass BBS. It has features that could
be easily likened to Maohell. These include mailbombing tools, denial-of-service
tools, and other, assorted scripts useful in harassment of one's enemies. It's primarily
used in warfare.


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>Cross Reference:</B></FONT><B> </B>FirstClass Thrash! is
	located at <A HREF="http://www.i1.net/~xplor216/FCThrash.hqx"><TT>http://www.i1.net/~xplor216/FCThrash.hqx</TT></A>.
	
<HR>


</BLOCKQUOTE>

<H3><FONT COLOR="#000077"><B>FMProPeeker 1.1</B></FONT></H3>
<P>This utility cracks FileMaker Pro files. FileMaker Pro is a database solution
from Claris, (<A HREF="http://www.claris.com"><TT>http://www.claris.com</TT></A>).
While more commonly associated with the Macintosh platform, FileMaker Pro now runs
on a variety of systems. It is available for shared database access on Windows NT
networks, for example. In any event, FMProPeeker subverts the security of FileMaker
Pro files.


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>Cross Reference:</B></FONT><B> </B>FMProPeeker is available
	at <A HREF="http://www.netaxs.com/~hager/mac/cracking/FMProPeeker1.1.sit.bin"><TT>http://www.netaxs.com/~hager/mac/cracking/FMProPeeker1.1.sit.bin</TT></A>.
	
<HR>


</BLOCKQUOTE>

<H3><FONT COLOR="#000077"><B>FMP Password Viewer Gold 2.0</B></FONT></H3>
<P>FMP Password Viewer Gold 2.0 is another utility for cracking FileMaker Pro files.
It offers slightly more functionality (and is certainly newer) than FMProPeeker 1.1.


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>Cross Reference:</B></FONT><B> </B>FMP Password Viewer Gold
	2.0 is available at <A HREF="http://www.yatho.com/weasel/files/FMP3.0ViewerGold2.0.sit.hqx"><TT>http://www.yatho.com/weasel/files/FMP3.0ViewerGold2.0.sit.hqx</TT></A>.
	
<HR>


</BLOCKQUOTE>

<H3><FONT COLOR="#000077"><B>MasterKeyII</B></FONT></H3>
<P>MasterKeyII is yet another FileMaker Pro cracking utility.


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>Cross Reference:</B></FONT><B> </B>MasterKey II is available
	at the following site in Japan. Have no fear: This site is so fast, it is screaming.
	The location is <A HREF="http://www.plato-net.or.jp/usr/vladimir/undergroundmac/Cracking/MasterKeyII.1.0b2.sit.bin"><TT>http://www.plato-net.or.jp/usr/vladimir/undergroundmac/Cracking/MasterKeyII.1.0b2.sit.bin</TT></A>.
	
<HR>


</BLOCKQUOTE>

<H3><FONT COLOR="#000077"><B>Password Killer</B></FONT></H3>
<P>Password Killer is designed to circumvent the majority of PowerBook security programs.


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>Cross Reference:</B></FONT><B> </B>Password Killer (also
	referred to as PowerBook Password Killer) can be found online at <A 
HREF="http://www.plato-net.or.jp/usr/vladimir/undergroundmac/Cracking/PowerBookPwd%20killer.sit.bin"><TT>http://www.plato-net.or.jp/usr/vladimir/undergroundmac/Cracking/PowerBookPwd%20killer.sit.bin</TT></A>.
	
<HR>


</BLOCKQUOTE>

<H3><FONT COLOR="#000077"><B>Killer Cracker</B></FONT></H3>
<P>Killer Cracker is a Macintosh port of Killer Cracker, a password cracker formerly
run only on DOS and UNIX-based machines. (You can find a lengthy description of Killer
Cracker in Chapter 10, &quot;Password Crackers.&quot; Thankfully, the Mac version
is distributed as a binary; that means you do not need a compiler to build it.)


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>Cross Reference:</B></FONT><B> </B>Killer Cracker can be
	found at <A HREF="ftp://whacked.l0pht.com/pub/Hacking/KillerCrackerv8.sit"><TT>ftp://whacked.l0pht.com/pub/Hacking/KillerCrackerv8.sit</TT></A>.
	
<HR>


</BLOCKQUOTE>

<H3><FONT COLOR="#000077"><B>MacKrack</B></FONT></H3>
<P>MacKrack is a port of Muffet's famous Crack 4.1. It is designed to crack UNIX
passwords. It rarely comes with dictionary files, but works quite well. Makes cracking
UNIX <TT>/etc/passwd</TT> files a cinch. (It has support for both 68K and PPC.)


<BLOCKQUOTE>
	<P>
<HR>
<FONT COLOR="#000077"><B>Cross Reference:</B></FONT><B> </B>MacKrack is located at
	<A HREF="http://www.yatho.com/weasel/files/MacKrack2.01b1.sit.bin"><TT>http://www.yatho.com/weasel/files/MacKrack2.01b1.sit.bin</TT></A>.