Professionally Evil Blog

A blog by experts of penetration testing and other security assessments.
    Privilege Escalation via File Descriptors in Privileged Binaries
        Today I wanted to cover an application security topic that applies to SetUID binaries.  As we all know, making a mistake in a SetUID binary will lead to privilege escalation. Today’s topic is about SetUID binaries that drop privileges, but leave a file they opened, well, opened.  This creates ...

    How to Update the Nmap OUI Database
    network  |  professionally evil  |  Secure Ideas  |  NMAP  |  Linux  |  IEEE  |  OUI  |  nmap-mac-prefixes
    Overview: In a previous blog post, I covered what an OUI is, how to extract them from a MAC ...
    LD_PRELOAD: Making a Backdoor by Hijacking accept()
    application security  |  professionally evil  |  Secure Ideas  |  LD_PRELOAD  |  accept  |  dup2  |  make  |  Linux  |  programming  |  Shared Objects  |  dlsym  |  shell  |  backdoor  |  rootkit  |  userland  |  ELF  |  inject  |  injection
        Today I want to continue the series on using LD_PRELOAD.  In previous posts, we covered how to ...