Runtime Process Insemination

DEF CON 19

Presented by: Shawn Webb
Date: Friday August 05, 2011
Time: 15:00 - 15:50
Location: Track 3
Track: Track 3

Injecting arbitrary code during runtime in linux is a painful process. This presentation discusses current techniques and reveals a new technique not used in other projects. The proposed technique allows for anonymous injection of shared objects, the ability to pwn a process without leaving any physical evidence behind. Libhijack, the tool discussed and released in this presentation, enables injection of shared objects in as little as eight lines of C code. This presentation will demo real-world scenarios of injecting code into end-user processes such as firefox, nautilus, and python.

Shawn Webb

Shawn Webb is a professional security analyst. He works with Linux, FreeBSD, and Windows systems, finding vulnerabilities in in-house applications. He's a proud member and contributor of SoldierX. Twitter: lattera


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats