We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Runtime Process Insemination

00:00
subtitles
off
playback rate
1
subtitles
off
English (auto-generated)
playback rate
0.25
0.5
0.75
1
1.25
1.5
1.75
2
quality
576p
18
 Cite
 Share
 Download Purchase
No logo availableDEF CON
 Webb, Shawn (lattera)

Formal Metadata

Title
Runtime Process Insemination
Title of Series
Number of Parts
122
Author
License
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
Injecting arbitrary code during runtime in linux is a painful process. This presentation discusses current techniques and reveals a new technique not used in other projects. The proposed technique allows for anonymous injection of shared objects, the ability to pwn a process without leaving any physical evidence behind. Libhijack, the tool discussed and released in this presentation, enables injection of shared objects in as little as eight lines of C code. This presentation will demo real-world scenarios of injecting code into end-user processes such as firefox, nautilus, and python. Shawn Webb is a professional security analyst. He works with Linux, FreeBSD, and Windows systems, finding vulnerabilities in in-house applications. He's a proud member and contributor of SoldierX. Twitter: lattera
00:00
Level (video gaming)Computer-generated imageryString (computer science)Gastropod shellConnected spaceExploit (computer security)Programmer (hardware)Order (biology)BlogWeb 2.0View (database)Information securityMereologyHacker (term)Formal languageHookingInformationPhysical system1 (number)Semiconductor memoryTheoryPresentation of a groupFunction (mathematics)WindowPointer (computer programming)Ocean currentLevel (video gaming)Memory managementProgramming paradigmCodeLibrary (computing)BitVulnerability (computing)GoogolAuthorizationTrailParallel portFunctional (mathematics)Different (Kate Ryan album)Multiplication signAsynchronous Transfer ModeRandom accessWeb applicationVirtual memorySoftwareMalwareBEEPGame controllerThermodynamischer ProzessProjective planeEncryptionRun time (program lifecycle phase)Server (computing)Revision controlSpyware32-bitOpen setStack (abstract data type)Binary codeRandomizationComputer animation
07:15
Process (computing)Linker (computing)Run time (program lifecycle phase)Tracing (software)Read-only memoryVirtualizationAddress spaceThermodynamischer ProzessUniform resource locatorKernel (computing)Multiplication signGodRun time (program lifecycle phase)Validity (statistics)DebuggerObject (grammar)Software developerRight angleComputer programmingFile formatLeakMetadataMereologyDifferent (Kate Ryan album)Order (biology)Library (computing)System callEmailComputer fileAlpha (investment)Functional (mathematics)SpeicheradresseSheaf (mathematics)CompilerVirtual memoryComputer virusGeneric programmingDynamical systemInterrupt <Informatik>BitPhysical systemLipschitz-StetigkeitSemiconductor memoryHexagonMemory managementWindowData storage deviceStructural loadBinary codePoint (geometry)QuicksortTable (information)Procedural programmingInheritance (object-oriented programming)Pointer (computer programming)Resource allocationGame controllerCoroutine1 (number)String (computer science)RootLinker (computing)CodeExistenceMaxima and minimaProcess (computing)Special unitary group32-bitRead-only memoryComputer animation
14:31
Read-only memoryFunction (mathematics)Object (grammar)Cheat <Computerspiel>EmailElectronic mailing listComputer programmingDirection (geometry)Parameter (computer programming)Functional (mathematics)Structural loadObject (grammar)Address spaceData structureSystem callRandomizationType theoryDifferent (Kate Ryan album)Patch (Unix)Pointer (computer programming)Point (geometry)Multiplication signTable (information)ParsingRight angleLink (knot theory)Inheritance (object-oriented programming)Semiconductor memoryCheat <Computerspiel>MappingProjective planeRun time (program lifecycle phase)Process (computing)Thermodynamischer ProzessDebuggerSlide ruleGodData storage deviceLevel (video gaming)Connected spaceProcedural programmingStack (abstract data type)Computer clusterSoftwarePhysical systemBitLinker (computing)Library (computing)Computer architectureMereologyElectronic signatureSymbol tableUniform resource locatorFile systemVirtual memoryMalwareSpywareCodeVideo gameErlang distributionIP addressSingle-precision floating-point formatComputer fileVariable (mathematics)Gastropod shellArmGame controllerSubject indexingSimulationHexagonLipschitz-StetigkeitMIDIPrototypeAnalytic continuation32-bitComputer animation
23:22
Object (grammar)Functional (mathematics)Multiplication sign32-bitLevel (video gaming)Table (information)Computer-assisted translationVirtual memorySemiconductor memorySystem administratorCodeCheat <Computerspiel>InjektivitätRun time (program lifecycle phase)Projective planeThermodynamischer ProzessLibrary (computing)Data structureDebuggerObject (grammar)Link (knot theory)MultiplicationLine (geometry)Computer programmingCloningPersonal identification numberProcedural programmingMappingStructural loadComputing platformComputer fileSpywareRevision controlOnline helpCoroutineWeb 2.0Uniqueness quantificationSystem callRandomizationPatch (Unix)Mixed realityAddress spaceAssembly languageLoop (music)Physical systemProgrammer (hardware)Set (mathematics)Computer architectureMereologyRight angleOperating systemGoodness of fitSimulationSlide rulePlotterBitLinker (computing)Hidden Markov modelPlug-in (computing)IntelSoftware testingPerspective (visual)ImplementationOpen setEmailSoftware development kitComputer animation
32:14
Demo (music)Image resolutionQuicksortBitComputer architectureComputer programmingPoint (geometry)Patch (Unix)Android (robot)PlastikkarteOperating systemDefault (computer science)Library (computing)ImplementationReal numberRollenbasierte ZugriffskontrolleObject (grammar)Extension (kinesiology)Functional (mathematics)Semiconductor memoryFluid staticsCodeLeakMixture modelInformation securityPhysical systemKernel (computing)System callEnterprise architectureSoftware developerMathematicsSoftware bugProfil (magazine)Table (information)MiniDiscJava appletComputer clusterLimit (category theory)SpywarePlug-in (computing)Binary codeLipschitz-StetigkeitGodDemosceneComputer configurationDemo (music)Quantum stateSpecial unitary groupMassOnline helpAdventure gameRun time (program lifecycle phase)Level (video gaming)Computer animation
41:05
Object (grammar)Electronic visual displayRight angleServer (computing)Goodness of fit
41:42
Maxima and minimaExecution unitComputer-assisted translationObject (grammar)Principal ideal domainType theoryThermodynamischer ProzessMappingMereologyGastropod shellRootInformation securityDemo (music)Shared memoryInjektives ObjektLibrary (computing)Computer programmingOpen setComputer fileSource codeLecture/Conference
43:51
RootWindowRadiusSpeech synthesisComputer animation
Transcript: English(auto-generated)