Skip to content

nerdprojects/macintosh-bufferoverflow-exploiting

BranchesTags

Repository files navigation

Macintosh Bufferoverflow Exploiting

I experimented with buffer overflows on old Macintosh computers and identified two exploits in common webserver software.

personalwebsharing-exploit-ppc.py

This exploit is for the "Websharing" system extension from Apple, built into the system since Mac OS 8 I think. The exploit code opens the Calculator and does not crash the server process. It is specific for PPC and depends on New World ROM instructions present in Mac OS 9.1/9.2. I only tested it on the QEMU PPC emulator with two different system versions.

machttp26-exploit-m68k.py

MacHTTP is a lightweight server that runs on older Mac systems. The exploit code opens the Calculator and kills the server process. It is specific for M68K and depends on ROM instructions present in 68020+ Macs. I only tested it on the MAME emulator with system versions 7.5.

find-rop

Utility scripts I used to find usable CPU instructions for the exploits.

ppc-assembly / m68k-assembly

Scripts and sources required to compile the "open calc" exploits.

About

POC buffer overflow exploits for the classic Macintosh platform

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages