Infecting The Mach-O Object Format presented at SyScan 2005

by Neil Archibald

Tags: Security

Summary: This talk aims to dispel the myths surrounding Mac OS X regarding its ability to stand
up to viruses and malicious code. The talk would begin with an introduction to PPC architecture,
showing a few basic assembly instructions, then go into an overview of the Mach-O format.
Following this I would run through a few methods of infecting Mach-O files which I have
worked on recently, showing C-based proofs of concept for these. I would also look at hooking
functions and stealing arguments and some Mach-O-specific anti-debug method. Finally I would
finish up with a conclusion about the likelihood of infection on OS X, showing possible attack
vectors etc.