exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New


Posted Oct 30, 2003
Authored by CodeSamurai

Mac OS X v10.3 Build 7B85 contains a vulnerability in the screen lock which allows malicious local users to use the computer for a short amount of time, until the authentication window is displayed. Exploit information included.

tags | advisory, local
systems | apple, osx
SHA-256 | ef57f472ad9ea7e8279fc7e6035e71ddc0f6360fbdae55b2422ed2fa30258365


Change Mirror Download
                             Mac OS X 10.3 Panther Screen Lock Bypass

Advisory Title: Keys Getting Past Panther Screen Lock
Release Date: 2003 October 28
Affected Product: Mac OS X 10.3 Build 7B85
Severity: Low
Impact: Security Bypass
Where: Local System
Author: CodeSamurai (codesamurai@mac.com)
With access to the keyboard, an unauthorized user can access the currently active
screen-locked user environment. However, there is only a relatively small opening in the
period of time in which the keys events get through; completing complicated operations at the
keyboard have shown to be highly tedious in actual practice thus far.
With the screen effect active, keys pressed before the authentication window appears will be
sent to the general user environment.
Tested Examples:
- An open word processing document can be typed in.
- Shortcut operations via the keyboard are executed.
- New windows can be spawned.
- New folders can be created in the Finder.
- Switching between running applications is possible.
- One can navigate through the file system and launch applications.
- Terminal was launched and binary was executed from the command line.
Although the potential risk due to malicious intent via this vulnerability is obvious,
tentatively it appears that in real-world practicality, the impact will most likely be
statistically small. (But a chain is only as strong as its weakest link.)
SecureMac Notes: For the first-time-user actually executing anything useful before the screen
lock appears is hard. For the user who practices and knows where items are stored and can
quickly move around with the keys could change information or even disable authentication and
gain access to the desktop.
Outside of the advisory, another major concern is that the user types their password before
the dialog box has appeared and it echos to whatever application is parent in plain text.
Instant Messages is what users are reporting they have echo'd their passwords to accidently.
[shouticon.gif] 4 comments
Known issue means it's probably being worked on. If you want it fixed right away, get a job
at Apple and quit *sighing*
Login or Register to add favorites

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By