- 论坛徽章:
- 0
|
大家好,我想做一个library call hook. 是glibc提供的库函数(strcpy, strlen),而不是系统调用。
有两种办法,一种是LD_PRELOAD,第二种是ptrace。我编译了Injectso源码,发现出错,无法找到符号表中的_dl_open
Injectso 2002年出现的,是不是Linux内核的linker和动态链接原理发生了变化,导致Injectso无法工作。(参考网页:http://blog.chinaunix.net/space. ... blog&id=1962528)
附: 下面是在一个进程影像找到的符号表中得信息,
got it getpagesize
got it abort
got it __errno_location
got it __cxa_atexit
got it open64
got it fputs_unlocked
got it __ctype_get_mb_cur_max
got it realloc
got it calloc
got it write
got it memset
got it __libc_start_main
got it stpcpy
got it _exit
got it bindtextdomain
got it mbrtowc
got it read
got it free
got it dcgettext
...
got it exit
Sorry, No such sym _dl_open |
|
免费注册
发表于 2011-11-05 06:32