Hello, Khabrovites. In anticipation of the start of the course "Pentest. Practice of Penetration Testing", we invite you to sign up for an open lesson on the topic "Windows ad: collecting information, escalating privileges . "
And also we want to share with you another author's article from our expert - Alexander Kolesnikov.
Typically, the infrastructure is built on Linux and Windows operating systems. And it would seem, why bother with the problems of other operating systems? It's simple. Pentest is a constant development, the study of new technologies. In addition, machines in the infrastructure that run on the macOS operating system are no longer such a rarity.
The article does not claim to be complete information on the MacOS platform, but only demonstrates mechanisms and data that, in the opinion of the author, can be useful.
MacOS
MacOS β , ββ . , , Linux. , XNU (X is Not Unix). , - . , , :
. βDirectory Servicesβ. , , . , , BSD . , MacOS Darwin, Open Source .
macOS 2 :
MacOS β , Apple.
MacOS Server β , .
Apple, . MacOS MDM OpenDirectory , Server. , . , macOS Server:
Open Directory β , Active Directory OC Windows.
Profile Manager β .
Xsan β .
, Active Directory. MacOS, , , , Windows AD. MacOS Open Directory β Active Directory.
MacOS
, macOS . , , . , macOS (System Preferences->Users&Groups):
Standart user β , .
Administrator β , , , .
Sharing Only β , .
Groups β , Linux/Unix , , .
root, Apple . , Windows . , , dscl β ββ , , .
, , , , :
dscl . ls /Users
, , 1 , 141 . ββ , .
, . macOS , Windows AD. β βpropertyβ . , ls cat:
dscl . cat /Users/daemon
, . ββ , β root:
, plist β iOS macOS . βPropertyβ ββ Active Directory. SMBSID, RecordName UniqueId. . dscl :
dscl . ls /
, Active Directory macOS. , Windows net users/net groups
.
MacOS Active Directory
AD. , macOS. , ? LDAP? ? ?
:
, :
:
:
, .
. , , . , , , , macOS. ? macOS .