User: Password:
|
|
Subscribe / Log in / New account

TCP connection hijacking and parasites - as a good thing

TCP connection hijacking and parasites - as a good thing

Posted Aug 23, 2011 12:15 UTC (Tue) by i3839 (guest, #31386)
In reply to: TCP connection hijacking and parasites - as a good thing by swebb
Parent article: TCP connection hijacking and parasites - as a good thing

Why would libhijack become more powerful with PTRACE_SEIZE?
As far as I can tell, it only makes ptracing more transparent,
not more powerful.

This example doesn't do anything that couldn't have been done
with normal ptrace, as far as I can tell.

And the whole approach is total madness. Why not just steal the
connection by passing the socket fd to the new target and closing
it in the original task? For that you only need to inject a couple
of system calls, with less disruptive data injections. No need to
muck around in TCP states, netfilter and all that other madness.


(Log in to post comments)

TCP connection hijacking and parasites - as a good thing

Posted Aug 23, 2011 15:00 UTC (Tue) by dlang (subscriber, #313) [Link]

you can only pass the socket FD to a process on the same system.

this approach can move the TCP connection to a different system.

TCP connection hijacking and parasites - as a good thing

Posted Aug 23, 2011 21:39 UTC (Tue) by i3839 (guest, #31386) [Link]

I think that the current code only handles local processes too,
at least that was my impression after reading the code, especially
main.c. You're right that this approach could make remote moves
possible.

But damn, it's ugly. I'd say, add an explicit connection moving
API instead of this mess.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds