Privilege Escalation via File Descriptors in Privileged Binaries
Today I wanted to cover an application security topic that applies to SetUID binaries. As we all know, making a mistake in a SetUID binary will lead to privilege escalation. Today’s topic is about SetUID binaries that drop privileges, but leave a file they opened, well, opened. This creates ...
Continue Reading
How to Update the Nmap OUI Database
network |
professionally evil |
Secure Ideas |
NMAP |
Linux |
IEEE |
OUI |
nmap-mac-prefixes
Overview In a previous blog post, I covered what an OUI is, how to extract them from a MAC ...
Continue Reading
LD_PRELOAD: Making a Backdoor by Hijacking accept()
application security |
professionally evil |
Secure Ideas |
LD_PRELOAD |
accept |
dup2 |
make |
Linux |
programming |
Shared Objects |
dlsym |
shell |
backdoor |
rootkit |
userland |
ELF |
inject |
injection
Today I want to continue the series on using LD_PRELOAD. In previous posts, we covered how to ...
Continue Reading