[CALUG] October 9 Meeting Announcemnet - Runtime Process Insemination

Chuck Frain chuck at chuckfrain.net
Sun Oct 6 09:16:01 EDT 2013


Greetings All,

The next CALUG meeting will be happening this Wednesday October 9th from
6:30 until 9pmish. We'll be welcoming Shawn Webb who will be giving his
talk "Runtime Process Insemination". 

Writing malware on Linux isn't an easy task. Anonymously injecting
shared objects has been a frightful task that no one has publicly
implemented. This presentation will show how and why malware authors can
inject shared objects anonymously in 32bit and 64bit Linux and 64bit
FreeBSD. The presenter will be showing how a tool he created called
libhijack aims to make injection of arbitrary code and shared objects
extremely easy. There will be a live demo injecting a root shell
backdoor into multiple programs during runtime.

Shawn Webb is a Senior Research Engineer for Sourcefire, Inc. He
specializes in secure coding practices. Along with starting his own
opensource projects, he has contributed to FreeBSD, ClamAV, and other
projects.

The meeting will take place at OmniTI, located in Fulton, MD. The
address is 11830 West Market Place Fulton, MD 20759. The building is
near the Harris Teeter, easily seen from the road. When you approach the
HT head on, the OmniTI office building is to its right.

We'll be using the back entrance which is surrounded by plants which
will lead directly to the meeting room.

Be sure to show up from 6:30 until 7 for pizza provided by Praxis
Engineering and socializing. We'll start the meeting about 7pm.

http://www.calug.org
http://www.praxiseng.com
http://omniti.com
http://omniti.com/is/here

-- 
Chuck Frain 
GPG Key: B2420431
http://www.chuckfrain.net



More information about the CALUG mailing list