asminject.py: Compromise Trusted Linux Processes and Containers

This step-by-step technical guide highlights the capabilities of asminject.py, a code injection tool used to compromise Linux processes and containers.

Download Guide

Imagine a scenario where container-level endpoint security is part of a larger overall strategy to protect sensitive data in containers from users with administrator access to the Linux systems that host those containers. In an ideal world, the IT staff would have access to manage the overall system but would somehow be prevented from accessing the actual data. However, in reality, penetration testers recognize the dangers of accessing the sensitive data by manipulating the container processes from the host level regardless of how secure the endpoint protection strategy actually is.

With asminject.py, penetration testers have a helpful tool to understand attack scenarios against Linux-trusted processes and containers. By injecting arbitrary binary code via the Linux process filesystem (procfs) interface, pen testers can compromise trusted processes demonstrating critical flaws in security strategies intended to keep sensitive data hidden from unauthorized users.

In this technical guide, you will learn:

  • Why asminject.py was created
  • How to use asminject.py for pen testing
  • The results of using asminject.py on a real-world problem
Ben Lincoln Headshot Managing Senior Security Consultant Bishop Fox

About the author, Ben Lincoln

Managing Principal

Ben Lincoln is a Managing Principal at Bishop Fox and focuses on application security. He has extensive experience in network penetration testing, red team activities, white-/black-box web/native application penetration testing, and exploit development. Prior to joining Bishop Fox, Ben was a security consultant with NCC Group, a global information assurance consulting organization. He also previously worked at a major retail corporation as a senior security engineer and a senior systems engineer. Ben delivered presentations at major security conferences, including "A Black Path Toward the Sun" at Black Hat USA 2016. Ben is OSCP-certified and has released several open-source exploit tools.

More by Ben

Extend Your Knowledge

Check out these related resources.

Bishop Fox Tool Talk Episode 8 asminject.py
Webcast

Tool Talk: asminject.py

Watch as we explore Bishop Fox’s very own asminject.py, a code injection tool that tampers with trusted Linux processes to capture sensitive data and change program behavior.

Learn More
Vintage vinyl record sleeve featuring a purple fox with Greatest hits of offensive testing tools in 2022. Greatest Hits: A Compilation of Our Favorite Offensive Testing Tools.
Guide

Greatest Hits: A Compilation of Our Favorite Offensive Testing Tools

What’s better than a Top 10 List? An ultimate guide of all our favorite lists – from red team and cloud penetration tools TO our favorite music to hack to and the best reads for your offensive security journey. We’ve got you covered to level up your penetration testing game with this comprehensive guide of hacking goodies.

Learn More
Blog post title plus a bar graph showing the exploitable exposures most often found by hackers. Know Your Enemy, Know Yourself: Examining the Mind of a Cyber Attacker.
Industry

Sep 28, 2022

Know Your Enemy, Know Yourself: Examining the Mind of a Cyber Attacker

By Wes Hutcherson

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.