Project Jugaad

// July 3rd, 2011 // Projects

Name: Project Jugaad
Category: API (Linux)
Author/Owner: Aseem Jakhar

Source Code: https://github.com/aseemjakhar/jugaad

Download the project from GitHub using the git command:
$ git clone https://github.com/aseemjakhar/jugaad.git

Introduction:

Windows malware conveniently uses the CreateRemoteThread API to delegate critical tasks within the context of other processes. However, there is no similar API on Linux to perform such operations. This paper describes my research on creating an API similar to CreateRemoteThread for the *nix platform.

The aim of the research is to show how a simple debugging functionality in *nix OSes can be exploited by a piece of malware to hide itself and delegate its critical (malicious) operations to an innocent process.

The presented proof-of-concept toolkit, named “Jugaad”, currently works on Linux. To achieve its primary goal, it allocates the required memory space inside a specified process, creates a thread, injects an arbitrary payload and executes it in the context of the remote thread.
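
A defender's view of the technique described above, as an added example that is not part of the Jugaad project or the original post. It assumes the debugging functionality in question is ptrace(2) (the page does not name it), in which case a traced process exposes its tracer in the TracerPid field of /proc/<pid>/status. The sample status texts, process names and allow-list entries are constructed.

```python
import os

# Constructed sample: pid -> trimmed /proc/<pid>/status contents.
SAMPLE = {
    1400: "Name:\tgdb\nPid:\t1400\nTracerPid:\t0\n",
    1500: "Name:\tmyapp\nPid:\t1500\nTracerPid:\t1400\n",
    2210: "Name:\tsshd\nPid:\t2210\nTracerPid:\t3999\n",
    3999: "Name:\thelper\nPid:\t3999\nTracerPid:\t0\n",
}

def parse_status(text):
    """Turn the 'Key: value' lines of a status file into a dict."""
    pairs = (line.partition(":") for line in text.splitlines())
    return {k.strip(): v.strip() for k, sep, v in pairs if sep}

def find_traced(statuses, allowed_tracers=frozenset()):
    """Return sorted (pid, name, tracer_pid, tracer_name) for every process
    whose tracer is not on the allow-list of expected debugger names.
    Names can be changed by the process itself, so the allow-list only
    reduces noise; it is not a trust decision."""
    hits = []
    for pid, text in statuses.items():
        fields = parse_status(text)
        tracer = fields.get("TracerPid", "0")
        if not tracer.isdigit() or int(tracer) == 0:
            continue  # not traced, or field malformed
        tracer_name = parse_status(statuses.get(int(tracer), "")).get("Name", "?")
        if tracer_name not in allowed_tracers:
            hits.append((pid, fields.get("Name", "?"), int(tracer), tracer_name))
    return sorted(hits)

def read_live_proc(root="/proc"):
    """Snapshot status text of all live processes, skipping ones that exit."""
    out = {}
    for entry in filter(str.isdigit, os.listdir(root)):
        try:
            with open(os.path.join(root, entry, "status")) as fh:
                out[int(entry)] = fh.read()
        except OSError:
            continue  # process ended between listdir() and open()
    return out

if __name__ == "__main__":
    for hit in find_traced(read_live_proc(), allowed_tracers={"gdb", "strace"}):
        print("traced: pid=%d (%s) by pid=%d (%s)" % hit)
```

TracerPid is non-zero only while a tracer is attached, so this is a point-in-time check; the Yama kernel.yama.ptrace_scope sysctl is the preventive control that limits which processes may attach.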

Whitepaper: http://null.co.in/2011/07/03/project-jugaad/

One Response to “Project Jugaad”

  1. AbhishekKr says:

    for all those who due to some reason don’t/can’t/want to use Git utilities… could download the same repo from “the same source” using this link:

    for .tar.gz compressed archive: https://github.com/aseemjakhar/jugaad/tarball/master

    for .zip compressed archive: https://github.com/aseemjakhar/jugaad/zipball/master
