Explore how attackers operate and their favorite tools and targets in our new SANS research. Get the Report ›

asminject.py: Compromise Trusted Linux Processes and Containers

This step-by-step technical guide highlights the capabilities of asminject.py, a code injection tool used to compromise Linux processes and containers.

Imagine a scenario where container-level endpoint security is part of a larger overall strategy to protect sensitive data in containers from users with administrator access to the Linux systems that host those containers. In an ideal world, the IT staff would have access to manage the overall system but would somehow be prevented from accessing the actual data. However, in reality, penetration testers recognize the dangers of accessing the sensitive data by manipulating the container processes from the host level regardless of how secure the endpoint protection strategy actually is.

With asminject.py, penetration testers have a helpful tool to understand attack scenarios against Linux-trusted processes and containers. By injecting arbitrary binary code via the Linux process filesystem (procfs) interface, pen testers can compromise trusted processes demonstrating critical flaws in security strategies intended to keep sensitive data hidden from unauthorized users.

In this technical guide, you will learn:

  • Why asminject.py was created
  • How to use asminject.py for pen testing
  • The results of using asminject.py on a real-world problem

Ben Lincoln Headshot Managing Senior Security Consultant Bishop Fox

About the author, Ben Lincoln

Managing Senior Consultant II, Bishop Fox

Ben Lincoln is a Managing Senior Consultant II at Bishop Fox and focuses on application security. He has extensive experience in network penetration testing, red team activities, white-/black-box web/native application penetration testing, and exploit development. Prior to joining Bishop Fox, Ben was a security consultant with NCC Group, a global information assurance consulting organization. He also previously worked at a major retail corporation as a senior security engineer and a senior systems engineer. Ben delivered presentations at major security conferences, including "A Black Path Toward the Sun" at black hat USA 2016. Ben is OSCP-certified and has released several open-source exploit tools.

More by Ben

Extend Your Knowledge

Check out these related resources.

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.