all InfoSec news
How does xz's backdoor rewrite the entry of RSA_public_decrypt@....plt ?
March 30, 2024, 11:22 a.m. | /u/tamaroning
cybersecurity www.reddit.com
[https://openwall.com/lists/oss-security/2024/03/29/4](https://openwall.com/lists/oss-security/2024/03/29/4)
[https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27](https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27)
The first article refers to hack glibc IFUNC resolver and hooks to the dynamic linker (ld-linux.so?).
As a result, importantly, calls to RSA\_public\_decrypt redirects to malicious code.
But I dont understand how attackers register hooks into the dynamic linker. I heard that the malicious function analyzes the symbol table.
Someone can explain it?
article articles attack attackers backdoor code cybersecurity dynamic entry glibc hack linux malicious redirects register resolver result rsa understand
More from www.reddit.com / cybersecurity
Picking your sources of IoC
1 day, 7 hours ago |
www.reddit.com
Are password requirements useless?
1 day, 7 hours ago |
www.reddit.com
Upcoming conferences for 2024?
1 day, 8 hours ago |
www.reddit.com
How does a processor execute encrypted binaries.
1 day, 9 hours ago |
www.reddit.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Sr. Staff Firmware Engineer – Networking & Firewall
@ Axiado | Bengaluru, India
Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)
@ SAP | Walldorf, DE, 69190
SAP Security Administrator
@ FARO Technologies | EMEA-Portugal