    Title: Mind the Gap Between Attacking Windows and Mac: Breaking In and Out of Protected MacOS environments

    Instructor: Richard Gold

    Abstract: MacOS has a strong reputation for security and comes with many restrictions such as the usage of an App Store to prevent malicious code being installed. However, we have found that since MacOS is the minority platform for many software packages and security platforms, it very rarely gets the same attention as Windows. This workshop will teach you to exploit that lack of attention from software like Microsoft Office and security platforms like a leading EDR solution to break in and out of a MacOS estate.

    We will walk you through how open source tools, both unmodified and customized, can be used to take advantage of the difference in capability, e.g., script detection, between Windows and non-Windows platforms. We will show you how to map out an environment, how to gain code execution in multiple ways, grab credentials, find files, collect screenshots and webcam shots and exfiltrate the loot while remaining undetected.

    The key takeaway is that despite the myriad of security features Apple has deployed, and the addition of EDR, MacOS is still hackable with our favorite tools used in new ways! This workshop will show you how!

    [Unfortunately we cannot provide an EDR system for you to play with, so please bring your own or practice the techniques without that particular opponent.]

    Level: Intermediate

    Pre-Requisites: A burning desire to hack Macs!

    Required Materials: Your own MacOS laptop, preferably with an EDR solution in place, but the principles will still be valid without one. Microsoft Office is strongly recommended for the client-side attacks.