BSDCan2013 - Final

BSDCan 2013
The Technical BSD Conference

Shawn Webb
Day Talks - Day 1 - 2013-05-17
Room MRT 221
Start time 15:00
Duration 01:00
ID 367
Event type Lecture
Track Security
Language used for presentation English

Runtime Process Infection

This presentation will instruct participants on how to inject arbitrary code into a process during runtime.

Writing malware on Linux isn't an easy task. Anonymously injecting shared objects has been a frightful task that no one has publicly implemented. This presentation will show how and why malware authors can inject shared objects anonymously in 32-bit and 64-bit Linux and 64-bit FreeBSD. The presenter will be releasing a new version of a tool called libhijack. libhijack aims to make injection of arbitrary code and shared objects extremely easy. There will be a live demo injecting a root shell backdoor into multiple programs during runtime.