Backdooring with Metadata

via YouTube

Overview

Explore a conference talk on backdooring techniques using metadata, presented at Circle City Con 5.0 in 2018. Delve into the intricacies of userland backdoors, focusing on the BACE (Binary-based Application Composition Engine) approach. Learn about chmod and setuid mechanisms, and how they can be combined with BACE to create backdoors via metadata. Compare this method to traditional rootshell backdoors, and discover the cross-platform capabilities of BACE. Examine environment variables, setuid-wrapper.c, and process spawning techniques. Gain insights into detecting and mitigating these methods, and explore potential future developments in this field.

Syllabus

Intro
Failure Point #1 in Userland Backdoors
Introduction to BACE (Cont.)
Quick Overview of chmod and setuid Mechanism
BACE + chmod, setuid = Backdoor via Metadata
Direct Command
Pros/Cons of this Method
Method #1 vs Traditional Rootshell Backdoor
Fun Fact: en is a cross-platform BACE!
Environment Variables
Hello setuid-wrapper.c
Spawning a Process
Demo of /usr/bin/python
Releasing The BACE Excel Sheet
Ideas for Detecting & Mitigating the Methods
Ideas for Future Methods
Acknowledgement
