[announce] Next NYC*BUG: Tonight! 2026-03-04 @ 18:45 local (23:45 UTC) - Backroom of Brass Monkey 55 Little West 12th St

NYC*BUG Announcements announce at lists.nycbug.org
Wed Mar 4 17:41:01 EST 2026 

 Weird Code Injection Techniques on FreeBSD With libhijack.pdf remote
presentation, Shawn Webb
2026-03-04 @ 18:45 local (23:45 UTC) - Backroom of Brass Monkey 55 Little
West 12th St
Remote participation: Plans are to stream via NYC*BUG website. Q&A will be
via IRC on libera.chat channel #nycbug - please preface your questions with
'[Q]'.

FreeBSD is a widely-used open source operating system, powering your
Playstation 4 and 5, Netflix, Juniper devices, and many other devices.
libhijack is a post-exploitation tool to make code injection easier. In as
little as four lines of code, developers can inject a complete shared
object into another process fully anonymously.

libhijack makes it easy to force the target process to create new anonymous
memory mappings, inject code into memory-backed file descriptors, and
finally call fdlopen on the memfd.

This presentation walks attendees through various methods in which to
stealthily inject code into a target process - some of these methods are
new variants of prior work and remain unique to libhijack.

Shawn Webb is the co-founder of the HardenedBSD Project and the founding
president of The HardenedBSD Foundation, a tax-exmpt not-for-profit 501©3
charitable organization in the US. While Shawn has a few decades of
experience in infosec, both as a profession and a hobby, he considers
himself a perpetual newb. He works for IOActive, an offensive security
company, spending his time finding vulnerabilities in customer products.

While working in the NSA’s backyard, he had the opportunity to be mentored
by two interns - an experience that changed his life. He and his interns
focused on the intersection of human rights and information security and
cybersecurity.

Shawn “lattera” Webb also maintains a post-exploitation tool called
libhijack. It makes runtime process infection and runtime function hooking
for remote processes over the ptrace boundary incredibly simple on FreeBSD.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/announce/attachments/20260304/ac13e89c/attachment.htm>

More information about the announce mailing list