Security Basics mailing list archives
scalable syscall proxying
From: pleed <pleed () koeln ccc de>
Date: Tue, 24 Nov 2009 22:51:17 +0100
Hi there, some weeks ago i ve read papers about syscall proxying. When i was looking for implementations, i just found very specific code (e.g. at ueberwall.org) that could be used for minimal application. Thats why i thought it could be funny to write my own, scalable syscall proxy. My concept includes: - using ptrace SYSEMU to catch a process syscalls instead of overwriting libc wrappers - providing an interface to enable/disable proxying in runtime - supporting functions for allocating memory on the remote machine and use that memory to buffer read/write operations without transfering the data The goal is to be able to use any program without modification and in addition providing more possibilities for tools directly developed for syscall proxying. When its done, it will be free software of course. What do you think about such a concept? Could there be a use in productive pentesting or is it damned to be bloated too much for real use? Thanks for your feedback! pleed ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- scalable syscall proxying pleed (Nov 25)