From announce at lists.nycbug.org Wed Mar 4 17:41:01 2026 From: announce at lists.nycbug.org (NYC*BUG Announcements) Date: Wed, 4 Mar 2026 17:41:01 -0500 Subject: [announce] Next NYC*BUG: Tonight! 2026-03-04 @ 18:45 local (23:45 UTC) - Backroom of Brass Monkey 55 Little West 12th St Message-ID: Weird Code Injection Techniques on FreeBSD With libhijack.pdf remote presentation, Shawn Webb 2026-03-04 @ 18:45 local (23:45 UTC) - Backroom of Brass Monkey 55 Little West 12th St Remote participation: Plans are to stream via NYC*BUG website. Q&A will be via IRC on libera.chat channel #nycbug - please preface your questions with '[Q]'. FreeBSD is a widely-used open source operating system, powering your Playstation 4 and 5, Netflix, Juniper devices, and many other devices. libhijack is a post-exploitation tool to make code injection easier. In as little as four lines of code, developers can inject a complete shared object into another process fully anonymously. libhijack makes it easy to force the target process to create new anonymous memory mappings, inject code into memory-backed file descriptors, and finally call fdlopen on the memfd. This presentation walks attendees through various methods in which to stealthily inject code into a target process - some of these methods are new variants of prior work and remain unique to libhijack. Shawn Webb is the co-founder of the HardenedBSD Project and the founding president of The HardenedBSD Foundation, a tax-exmpt not-for-profit 501?3 charitable organization in the US. While Shawn has a few decades of experience in infosec, both as a profession and a hobby, he considers himself a perpetual newb. He works for IOActive, an offensive security company, spending his time finding vulnerabilities in customer products. While working in the NSA?s backyard, he had the opportunity to be mentored by two interns - an experience that changed his life. He and his interns focused on the intersection of human rights and information security and cybersecurity. Shawn ?lattera? Webb also maintains a post-exploitation tool called libhijack. It makes runtime process infection and runtime function hooking for remote processes over the ptrace boundary incredibly simple on FreeBSD. -------------- next part -------------- An HTML attachment was scrubbed... URL: From announce at lists.nycbug.org Fri Mar 13 13:03:32 2026 From: announce at lists.nycbug.org (NYC*BUG Announcements) Date: Fri, 13 Mar 2026 13:03:32 -0400 Subject: [announce] Next NYC*BUG: April 1st. With MWL! Honestly! Message-ID: Believe it or not, we were able to convince Michael W. Lucas to give the April 1st talk for NYC*BUG. His talking entitled : "What's Changed Since The Last Time I Came this Way: a talk that was supposed to be about OpenZFS." Details to follow.