SoldierX website.

I thought I recognized security/libhijack having been mentioned recently.

It was referenced in a YouTube video posted recently. I couldn't see by whom, possibly Phishfry, on Writing FreeBSD Malware by Shawn Webb of HardenedBSD:

 
I think that is @lattera. He is a really nice guy, it seems. He even often asks on IRC if someone wants him to write something, like a module for something or anything like that.
 
I guess I was most surprised to see that it was part of the ports tree, but why not?

However, as the Red Devil's Advocate in this indictment, I must point out that while their article is dated 10 January 2018:

In the land of red devils known as Beasties exists a system devoid of meaningful exploit mitigations. As we explore this vast land of opportunity, we will meet our ELFish friends, [p]tracing their very moves in order to hijack them. Since unprivileged process debugging is enabled by default on FreeBSD, we can abuse PTrace to create anonymous memory mappings, inject code into them, and overwrite PLT/GOT entries. We will revive a tool called libhijack to make our nefarious activities of hijacking ELFs via PTrace relatively easy.

https://www.soldierx.com/news/libhijack-PoCGTFO-0x17

That is no longer the case and hasn't been since FreeBSD 11.0-RELEASE. It's one of the new System Hardening options available during the installation process I personally advise to disable in my tutorial by setting the following variables, in addition to setting others manually later on:

Disable reading kernel message buffer for unprivileged users
Disable process debugging facilities for unprivileged users
Randomize the PID for newly created processes
Insert stack guard page ahead of the growable segments

https://forums.freebsd.org/threads/...-set-up-a-freebsd-desktop-from-scratch.61659/

Although, I hope this helps serve to put plans in work of further hardening FreeBSD with Senior Daemons.
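
An added example, not part of the thread: a shell audit that checks `sysctl` output against the four installer hardening options listed in the post above. The sysctl names are assumed to be the FreeBSD knobs those options set (they are not given in the thread), and the sample output is constructed.

```shell
#!/bin/sh
# Audit `sysctl` output ("name: value" lines on stdin) against the four
# installer hardening options. The sysctl names are an assumption: they
# are not named in the thread.
#
# On a FreeBSD host:
#   sysctl security.bsd.unprivileged_read_msgbuf \
#          security.bsd.unprivileged_proc_debug \
#          kern.randompid security.bsd.stack_guard_page | audit_hardening

audit_hardening() {
    awk -F': *' '
        BEGIN {
            # "zero": the knob must be 0. "nonzero": any value above 0.
            # kern.randompid reads back as a random modulus once enabled,
            # so comparing it against a literal 1 would be wrong.
            want["security.bsd.unprivileged_read_msgbuf"] = "zero"
            want["security.bsd.unprivileged_proc_debug"]  = "zero"
            want["kern.randompid"]                        = "nonzero"
            want["security.bsd.stack_guard_page"]         = "nonzero"
        }
        ($1 in want) {
            seen[$1] = 1
            numeric = ($2 ~ /^[0-9]+$/)
            if (want[$1] == "zero") ok = numeric && ($2 + 0 == 0)
            else                    ok = numeric && ($2 + 0 != 0)
            printf "%s %s=%s\n", (ok ? "PASS" : "FAIL"), $1, $2
        }
        END {
            # A knob absent from the input is reported, not silently passed.
            for (k in want) if (!(k in seen)) printf "MISSING %s\n", k
        }'
}

# Constructed sample: a host installed without the hardening options.
SAMPLE='security.bsd.unprivileged_read_msgbuf: 1
security.bsd.unprivileged_proc_debug: 1
kern.randompid: 0
security.bsd.stack_guard_page: 1'

printf '%s\n' "$SAMPLE" | audit_hardening
```

A `FAIL` on `security.bsd.unprivileged_proc_debug` is the setting the quoted article's ptrace technique depends on.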
 