2014-02-18 18:42 GMT+01:00 Giancarlo Razzolini <grazzol...@gmail.com>: > Em 18-02-2014 14:36, Dmitrij D. Czarkoff escreveu: >> You perfectly demonstrated your ability to alter the code that will be >> run with your privileges. Still, it is useless as the injected code >> will be running with your privileges, so this has no practical output. >> Either you are able to demonstrate the way you raise your privileges >> using this method or you failed to make your point. > Dmitri, > > We are not discussing privilege escalation. We assume that for > installing a rootkit, one has root access on the machine. Hence the root > in rootkit. What we are discussing is if it is possible, using > LD_PRELOAD, to inject code on the execution of any given programs, and > to be able to hide the fact that the machine has a rootkit installed > using this method. > > Cheers,
> Giancarlo Razzolini > GPG: 4096R/77B981BC > yup, and as I wrote earlier: Firstly, I don't know of any vulnerability in order to gain privilege (e.g. uid 0) using LD_PRELOAD. I want it to be clearly defined. http://osdir.com/ml/general/2014-02/msg33581.html Daniel
