• Welcome to the Off-Topic/Schweb's Lounge

    In addition to the Mac-Forums Community Guidelines, there are a few things you should pay attention to while in The Lounge.

    Lounge Rules
    • If your post belongs in a different forum, please post it there.
    • While this area is for off-topic conversations, that doesn't mean that every conversation will be permitted. The moderators will, at their sole discretion, close or delete any threads which do not serve a beneficial purpose to the community.

    Understand that while The Lounge is here as a place to relax and discuss random topics, that doesn't mean we will allow any topic. Topics which are inflammatory, hurtful, or otherwise clash with our Mac-Forums Community Guidelines will be removed.

Remote Administration Exploits - Interesting Article

Raz0rEdge

Well-known member
Staff member
Moderator
Joined
Jul 17, 2009
Messages
15,745
Reaction score
2,071
Points
113
Location
MA
Your Mac's Specs
2022 Mac Studio M1 Max, 2023 M2 MBA
If the number of videos on Youtube are any indication, it seems to pretty widespread and from what I an tell the "hackers" seem to be kids doing pranks, but as the article states it's just as easy for the "hacker" to do something a lot more malicious..
 

vansmith

Senior Member
Joined
Oct 19, 2008
Messages
19,924
Reaction score
559
Points
113
Location
Queensland
Your Mac's Specs
Mini (2014, 2018, 2020), MBA (2020), iPad Pro (2018), iPhone 13 Pro Max, Watch (S6)
I read that article too (I love Ars) and was amazed at the ease with which these individuals could gain access. The video attached to the article really drove home the point.

What's interesting is the ease with which this can be accomplished on a machine that isn't adequately protected. For example, in Python, you can write an XMLRPC server in ~ 10 lines of code and a client in ~ 5 lines which can easily execute something on a remote machine. This would be cross platform as well and as long as the specified XMLRPC port was open, this would be a rather trivial exercise.

I was interested in trying it myself with a Windows VM but I have a healthy fear of CSIS coming to my door if they see "how to setup a remote administration tool + ratting + hacking" in my search patterns. ;)
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top