asminject.py is a code injection tool that compromises trusted Linux processes and containers.
Protecting software and sensitive data from theft or misuse is unlikely to succeed if attackers gain administrative or physical access to devices that process information in unencrypted form - even for a fraction of a second. We've created asminject.py, a tool that demonstrates an attack on Linux processes and containers using compromised administrative access to the host. Asminject.py was inspired by an environment where container-level endpoint security was part of a larger strategy to protect information within the containers from users with administrator access to the Linux systems that hosted the containers.
Use asminject.py to tamper with trusted processes by injecting arbitrary code via the Linux process filesystem (procfs) interface to capture sensitive data. Without intrusive monitoring at the host level, asminject.py keeps compromise attempts under the radar with minimal detection or response from existing defenses.
Ben Lincoln is a Managing Senior Consultant II at Bishop Fox and focuses on application security. He has extensive experience in network penetration testing, red team activities, white-/black-box web/native application penetration testing, and exploit development. Prior to joining Bishop Fox, Ben was a security consultant with NCC Group, a global information assurance consulting organization. He also previously worked at a major retail corporation as a senior security engineer and a senior systems engineer. Ben delivered presentations at major security conferences, including "A Black Path Toward the Sun" at Black Hat USA 2016. Ben is OSCP-certified and has released several open-source exploit tools. Ben's personal projects and research are at https://www.beneaththewaves.net
asminject.py: Compromise Trusted Linux Processes and Containers
This step-by-step technical guide highlights the capabilities of asminject.py, a code injection tool used to compromise Linux processes and containers.
Tool Talk: asminject.py
Watch as we explore Bishop Fox’s very own asminject.py, a code injection tool that tampers with trusted Linux processes to capture sensitive data and change program behavior.