|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Kristian Erik Hermansen (kristian.hermansen
gmail.com)
Date: Fri Apr 06 2012 - 04:08:17 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, Apr 4, 2012 at 1:04 PM, Alex McGeorge <alexmimmunityinc.com> wrote:
> Our friends at D2 Security* have released a really nice Linux binary to
> help you do exactly that. The operation is pretty simple, you invoke
> this program with an argument of the program you want to intercept TTY
> input/output from and the D2 module conveniently places that data in a
> file for you to review later. This leads to mischief like: alias
> ssh='/dev/shm/d2sec_ttymitm /usr/bin/ssh' which is pretty fun! So fun in
> fact we made a movie about it which you can view here:
> http://partners.immunityinc.com/movies/D2Sec-TTYMITM.mov
In the video, you claim the module requires root to work. Last time I
checked (maybe 1998), LD_PRELOAD could hook any user application
without such privileges. So how is LD_PRELOAD not superior? ;)
> In case you're concerned that this is purely a marketing effort on our
> part, if you watch the video all the way to the end you will actually
> learn a skill your parents probably forgot to teach you. Here's a hint:
> it's not at all related to IT.
Always wanted to learn how to fold a fitted sheet!
--
Kristian Erik Hermansen
https://profiles.google.com/kristian.hermansen
_______________________________________________
Dailydave mailing list
Dailydavelists.immunityinc.com
https://lists.immunityinc.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]