Re: Subversive Dynamic Linking on UNIX Platforms

From: Shaun Clowes (shaunat_private)
Date: Thu Nov 08 2001 - 19:10:31 PST

Next message: OBrien, Brennan: "RE: Infected jpeg files?"

Previous message: Lincoln Yeoh: "Re: Shutting down windows NT remotely (without winnt toolkit)?"
Maybe in reply to: grugq: "Subversive Dynamic Linking on UNIX Platforms"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Talk about a coincidence....

I've been working on pretty much the same thing as discussed in this paper,

however my focus has been on forcing a running process to load a shared 
object/library. The loaded library can then shield the process from known 
security vulnerabilities (or indeed subvert the process) without it needing

to be restarted. I'll be presenting and demonstrating the tool resulting 
from this research (injectso) along with some other simple Unix process 
modification techniques (nothing new) at the BlackHat Briefings in Amsterdam

on the 21st of November.  

Cheers,
Shaun

Next message: OBrien, Brennan: "RE: Infected jpeg files?"
Previous message: Lincoln Yeoh: "Re: Shutting down windows NT remotely (without winnt toolkit)?"
Maybe in reply to: grugq: "Subversive Dynamic Linking on UNIX Platforms"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Nov 08 2001 - 19:10:32 PST