In recent days, after an article on The Register, there was a lot of buzz regarding a vulnerability that affects Mac OS X. The author of the discovery is an italian security researcher, Vincenzo Iozzo, that we decided to interview (italian version available) to obtain some more details.

At the next Black Hat Conference in February you will hold a talk entitled “Let Your Mach-O Fly“, which will explain a serious vulnerability in Mac OS X. Can you tell something more?

My attack is an implementation of a technique called userland-exec. This technique makes it possible to launch an executable on a machine without invoking the kernel and that it is present on your disk. But it can not be considered a vulnerability in the usual sense. In fact, the attack is made possible in practice because of an inherent problem of Mac OS X has long known, namely the lack of randomization dynamic linker within space processes.

It should be noted that my technique does not allow to break into a machine more easily, but makes it easier the execution of code within the system attacked. The innovation of my research is the fact you can inject into a process not just a simple shellcode but an entire executable, in the past this was not possible on OS X.

Continua »