RE: binary switching, no killing

["Dom De Vitto" <Dom () DeVitto com>]

It's quite possible, with support from the original application.
But when the original apps help, you'd need some cunning kernel
magic to "swap" process ids (which would come with lots of kernel
table entries, etc.).

Hmmm, unless the bit of code you want to switch is part of a DLL
- then you may be able to mmap the dll and hand-modify the code.
Hmmm, thinking about it, you could do the same with a vi /proc/...

Lots of ways, all tricky, but possible.

Dom
-----Original Message-----
From: Craig Holmes [mailto:Leusent () home com]
Sent: 23 September 2001 04:08
To: pen-test () securityfocus com
Subject: binary switching, no killing


Hi Listmembers,
        Me and some friends have created a small irc network in which we are
implementing ssl encryption between client and server. Our original ircd did
not have this feature and now our new ircds do. The problem is in upgrading,
the whole ircd must be killed and a new one started, which causes all
clients
to drop. My question is, is it possible to almost "hijack" a process, and
switch the binary without losing the pid & tcp/ip connections? Is this a
crazy and impossible idea, or has it been done?


Any help would be appreciated!

           Thanks in advance,
                Craig Holmes


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/




----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/