
That time I built an LD_PRELOAD worm - lcamtuf’s thing

Submitted by Style Pass, 2024-04-29 20:30:03

One of the most interesting aspects of working in information security is the task of developing proof-of-concept code. In essence, you often find yourself writing malicious programs to prove that a hypothesized flaw is real — and to convince coworkers, clients, or third-party software vendors that they need to act.

The line between securing systems and aiding the bad guys can be thin; it takes just a couple of finishing touches to turn a proof-of-concept exploit into a tool that can do real harm. In one famous instance — the Morris worm of 1988 — it was the researcher himself who couldn’t resist the temptation. In most other cases, the work is done by less scrupulous parties who get their hands on the research, thus leading to endless debates about the ethics of vulnerability disclosure.

Well — yesterday, while digging through the backups of my files from the late 1990s and thereabouts, I accidentally rediscovered by far the most risqué proof-of-concept of my own making: a privately-shared demonstration of an LD_PRELOAD worm, dubbed unicorns.so, and apparently written to settle an argument about distributed trust.
