Advanced MAC OS X Rootkits

Free registration required

Executive Summary

The Mac OS X kernel (xnu) is a hybrid BSD and Mach kernel. While Unix-oriented rootkit techniques are pretty well known, Mach-based rootkit techniques have not been as thoroughly publicly explored. This paper covers a variety of rootkit techniques for both user-space and kernel-space rootkits using unique and poorly under-stood or documented Mac OS X and Mach features. Rootkit techniques affecting FreeBSD are well known and documented

  • Format: PDF
  • Size: 127.81 KB