Interested in getting started with userland rootkits? Brett Mack from OpenCredo will starting right from the beginning on how to create a very basic rootkit!
Brett finds there is so much that can be learned from the InfoSec community, seeing how a system or service can be broken is a great way to learn how it works. This talk aims to provide an introduction to userland rootkits, specifically those that leverage the LD_PRELOAD technique. During the talk, he will take you through creating a very basic rootkit, and show how they work with a little help from C, the GNU linker, and a tiny bit of assembly (Brett knows neither of these languages well so it will be kept basic).
YOU MAY ALSO LIKE:
An introduction to userland rootkits. How they work and what we can learn from them
Brett Mack is a DevOps consultant working for OpenCredo. He has been a Linux user since the painful days of Mandrake 8.0.