Runtime Process Insemination

Presented at DEF CON 19 (2011), Aug. 5, 2011, 3 p.m. (50 minutes).

Injecting arbitrary code during runtime in linux is a painful process. This presentation discusses current techniques and reveals a new technique not used in other projects. The proposed technique allows for anonymous injection of shared objects, the ability to pwn a process without leaving any physical evidence behind. Libhijack, the tool discussed and released in this presentation, enables injection of shared objects in as little as eight lines of C code. This presentation will demo real-world scenarios of injecting code into end-user processes such as firefox, nautilus, and python.


Presenters:

  • Shawn Webb - Security Analyst
    Shawn Webb is a professional security analyst. He works with Linux, FreeBSD, and Windows systems, finding vulnerabilities in in-house applications. He's a proud member and contributor of SoldierX. Twitter: lattera

Links:

Similar Presentations: