Backdoor Foundry - A Toolchain for Building Application Specific Implants

Explore the world of application-specific implants in this 28-minute conference talk from Recon 2019. Dive into the challenges and desired capabilities of building backdoors, with a focus on Executable and Linkable Format (ELF) files. Learn about executable containers, the software build lifecycle, and the crucial role of linking in enabling loaders to function. Examine prior art in application backdoors, including unsophisticated "binders" and improvements brought by "The Backdoor Factory." Gain in-depth knowledge of ELF file components, artifacts generated during build cycles, and the manipulation of symbols. Discover how static and dynamic relocation is performed, the function of section and program headers, and the data structures that underpin these processes. By the end of this talk, acquire a comprehensive understanding of the toolchain for creating application-specific implants and the intricacies of ELF file manipulation.