Tag Archives: attack

Detecting Apple Mac OS X AFP vulnerability CVE-2010-0533 with Nmap

During the development of my AFP library for Nmap I came a cross a critical vulnerability in Apple’s implementation of AFP on Snow Leopard. The vulnerability occurs due to improper input validation and allows an attacker to access (list, read, and/or write) files in the parent directory of any AFP sharepoint.

Continue reading

Cracking SIP with John the Ripper

I just finished a patch against Romain Raboin’s HTTP Digest authentication patch for John the Ripper. Romain’s patch is also included in the jumbo patch available from the John the Ripper main page. The patch I made is very small and simply checks if the Quality of Protection (qop) parameter was supplied in the input or not. If it’s not it makes the appropriate changes so that the response is computed per the simpler RFC 2069 standard instead.

Continue reading