Backdooring with Metadata
Offered By: YouTube
Course Description
Overview
Explore a conference talk on backdooring techniques using metadata, presented at Circle City Con 5.0 in 2018. Delve into the intricacies of userland backdoors, focusing on the BACE (Binary-based Application Composition Engine) approach. Learn about chmod and setuid mechanisms, and how they can be combined with BACE to create backdoors via metadata. Compare this method to traditional rootshell backdoors, and discover the cross-platform capabilities of BACE. Examine environment variables, setuid-wrapper.c, and process spawning techniques. Gain insights into detecting and mitigating these methods, and explore potential future developments in this field.
Syllabus
Intro
Failure Point #1 in Userland Backdoors
Introduction to BACE (Cont.)
Quick Overview of chmod and setuid Mechanism
BACE + chmod, setuid = Backdoor via Metadata
Direct Command
Pros/Cons of this Method
Method #1 vs Traditional Rootshell Backdoor
Fun Fact: en is a cross-platform BACE!
Environment Variables
Hello setuid-wrapper.c
Spawning a Process
Demo of /usr/bin/python
Releasing The BACE Excel Sheet
Ideas for Detecting & Mitigating the Methods
Ideas for Future Methods
Acknowledgement
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube