chokepoint / azazel

Azazel is a userland rootkit based off of the original LD_PRELOAD technique from Jynx rootkit. It is more robust and has additional features, and focuses heavily around anti-debugging and anti-detection.
GNU General Public License v2.0

Stack overflow error. #8

nil0x42 closed 9 years ago

nil0x42 commented 9 years ago

Azazel suffers from a stack overflow bug in wtmp_clean && utmp_clean, because they use the hooked open() instead of libc's open() function, making calls to is_owner() recursive when the HIDE_THIS_SHELL env var is set.

nil0x42 commented 9 years ago

As you merged commit https://github.com/chokepoint/azazel/commit/16ca8ac6ed7280e0da73c0f7a166c84ea03ebaa7, it closes this issue.