Dailydave mailing list archives

Re: Hacking like it's 1998


From: DSquare Security <info () d2sec com>
Date: Wed, 11 Apr 2012 18:39:23 -0500

On Fri, Apr 06, 2012 at 07:03:48PM +0100, Adrien Kunysz wrote:
> On Fri, Apr 06, 2012 at 02:08:17AM -0700, Kristian Erik Hermansen wrote:
> > In the video, you claim the module requires root to work. Last time I
> > checked (maybe 1998), LD_PRELOAD could hook any user application
> > without such privileges. So how is LD_PRELOAD not superior? ;)
>
> Oh wait if requiring root is OK, I would suggest looking at SystemTap
> (or DTrace if you are that kind of person): http://stapbofh.krunch.be/
>
> And for non-root backdooring, I like Metlstorm's approach:
> http://www.insomniasec.com/publications/shellgame.pdf


d2sec_ttymitm doesn't require root privileges to work. We know that LD_PRELOAD
could hook any user application without such privileges. But this tool is only
another way to backdoor applications such as su, sudo or ssh, with tty devices.
It's nothing else.

-- 
DSquare Security, LLC
http://www.d2sec.com

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave