Chapter 12. OS X Shellcode

The Macintosh—and specifically OS X—is advertised as having security benefits over "the PC." For example:

Mac OS X delivers the highest level of security through the adoption of industry standards, open software development and wise architectural decisions. Combined, this intelligent design prevents the swarms of viruses and spyware that plague PCs these days. (from

Mac OS X was designed for high security, so it isn't plagued by constant attacks from viruses and malware like PCs. (from

While these are advertising claims and thus should be subject to a certain amount of skepticism, it is true that Apple has made good progress in terms of making the default install of OS X simple and relatively secure. It is also true, however, that OS X at the time of writing lags behind Windows and Linux in terms of exploit protection mechanisms, lacking a non-executable heap, stack cookies, and Address Space Layout Randomization (ASLR)—features enabled in Windows Vista by default and present in several common Linux distributions.

This chapter covers some basic information about the Apple OS X operating system, the basics of PowerPC and Intel shellcode on OS X, and a few "gotchas" to look out for when looking for and exploiting bugs on OS X.

OS X Is Just BSD, Right?

Er, no. Well, kind of. OS X can be thought of as a mix of the best aspects of a number of different operating systems. Just as the English ...

Get The Shellcoder's Handbook: Discovering and Exploiting Security Holes, Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.