I Built an LD_PRELOAD Worm


Teenagers' hands are the devil's playthings.

In essence, you often find yourself writing malicious programs to prove that a hypothesized flaw is real — and to convince coworkers, clients, or third-party software vendors that they need to act. Well — yesterday, while digging through the backups of my files from the late 1990s and thereabouts, I accidentally rediscovered by far the most risqué proof-of-concept of my own making: a privately-shared demonstration of an LD_PRELOAD worm, dubbed unicorns.so, and apparently written to settle an argument about distributed trust. A simpler option is to exploit a neat race condition: when two programs perform a blocking read() on the same terminal, one wins and another loses — and when su displays a password prompt, we could make sure that the winner is the evil library.
