Defiling Mac OS X - Ruxcon - Reverse Engineering Mac OS X - PUT ...
23.12.2014 Views
Share Embed Flag

Defiling Mac OS X - Ruxcon - Reverse Engineering Mac OS X - PUT ...

Defiling Mac OS X - Ruxcon - Reverse Engineering Mac OS X - PUT ...

Defiling Mac OS X - Ruxcon - Reverse Engineering Mac OS X - PUT ...

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
reverse.put.as

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

TECHNIQUES<br />

NETWORKING HOOKS<br />

Some neat places to hook provided by Apple<br />

‣ Network Kernel Extensions (NKEs) can provide filters<br />

‣ Socket filters<br />

‣<br />

Can filter calls to stuff like setsockopt(), getsockopt(), ioctl(),<br />

connect(), listen(), bind()<br />

‣ Mostly useful for local stuff I guess<br />

‣ IP filters Good times<br />

‣<br />

‣ Inject packets<br />

‣ Interface filters<br />

‣<br />

‣<br />

Filter arbitrary IP packets, get actual mbufs<br />

Kinda needlessly low level for this exercise<br />

Filter packets after they’re demuxed - maybe some fun<br />

<strong>Defiling</strong> <strong>Mac</strong> <strong>OS</strong> X - <strong>Ruxcon</strong><br />

November, 2011

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!