David Buchanan
Ever wanted to inject a shared library into an already-running Linux process, without using ptrace? Well, now you can...
https://github.com/DavidBuchanan314/dlinject
David Buchanan 30 Dec
Replying to @David3141593
Next, I'm gonna implement a kernel module that lets me: a) map pages in a remote process, b) CreateRemoteThread. That way, I can avoid side-effects of SIGSTOP, or any race conditions.
Arnaud Le Blanc 1 Jan
Replying to @David3141593
In order to replace SIGSTOP, would it work to change the scheduling priority of the process such that it's effectively not executed?
David Buchanan 1 Jan
Replying to @arnaud_lb
That did cross my mind; I need to look into it more to see if it's practical. Could certainly increase the probability of it working without SIGSTOP.
Dan Kaminsky 1 Jan
Replying to @David3141593 @kfalconspb
Oh, neat. Thanks for taking the time to document this well!
paπcake🎗🌱 31 Dec
Replying to @David3141593 @ulexec
Smart trick and nice read. Thanks.
Simone Scarduzio 🇬🇧 1 Jan
Replying to @David3141593
If this was the JVM, everyone would have panicked about the whole new level of vulnerabilities this enables. And they would be right.🤷🏻‍♂️
hexpwn 11 Jan
Replying to @David3141593
Just learned so many things from reading your code. Thanks for sharing this.
Tom Hatskevich 30 Dec
Replying to @David3141593
Wow, amazing!! Actual code injection into a running Linux process ;)
reaper 31 Dec
Replying to @David3141593
this is awesome 👍