Whitepaper detailing how to successfully patch the linux kernel in order to allow ptracing /sbin/init, and subsequently inject a connect-back shellcode into the target process. Patch code included.
You can download it from the following link: https://packetstormsecurity.com/files/download/32423/init_rpi.txt
Source: https://packetstormsecurity.com/files/32423/init_rpi.txt.html