On Fri, Apr 06, 2012 at 07:03:48PM +0100, Adrien Kunysz wrote: > On Fri, Apr 06, 2012 at 02:08:17AM -0700, Kristian Erik Hermansen wrote: > > In the video, you claim the module requires root to work. Last time I > > checked (maybe 1998), LD_PRELOAD could hook any user application > > without such privileges. So how is LD_PRELOAD not superior? ;) > > Oh wait if requiring root is OK, I would suggest looking at SystemTap > (or DTrace if you are that kind of person): http://stapbofh.krunch.be/ > > And for non-root backdooring, I like Metlstorm's approach: > http://www.insomniasec.com/publications/shellgame.pdf >
d2sec_ttymitm doesn't require root privileges to work. We know that LD_PRELOAD could hook any user application without such privileges. But this tool is only another way to backdoor applications as su, sudo or ssh, with tty devices. It's nothing else. -- DSquare Security, LLC http://www.d2sec.com _______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
