Chapter 12. OS X Shellcode

The Macintosh—and specifically OS X—is advertised as having security benefits over "the PC." For example:

Mac OS X delivers the highest level of security through the adoption of industry standards, open software development and wise architectural decisions. Combined, this intelligent design prevents the swarms of viruses and spyware that plague PCs these days. (from http://www.apple.com/macosx/features/security/)

Mac OS X was designed for high security, so it isn't plagued by constant attacks from viruses and malware like PCs. (from http://www.apple.com/getamac/)

While these are advertising claims and thus should be subject to a certain amount of skepticism, it is true that Apple has made good progress in terms of making the default install of OS X simple and relatively secure. It is also true, however, that OS X at the time of writing lags behind Windows and Linux in terms of exploit protection mechanisms, lacking a non-executable heap, stack cookies, and Address Space Layout Randomization (ASLR)—features enabled in Windows Vista by default and present in several common Linux distributions.

This chapter covers some basic information about the Apple OS X operating system, the basics of PowerPC and Intel shellcode on OS X, and a few "gotchas" to look out for when looking for and exploiting bugs on OS X.

OS X Is Just BSD, Right?

Er, no. Well, kind of. OS X can be thought of as a mix of the best aspects of a number of different operating systems. Just as the English ...

Get The Shellcoder's Handbook: Discovering and Exploiting Security Holes, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.