I have an executable ELF file that uses library lib.so, and this ELF invokes function Func1 from lib.so. I need to hook this function so it will be replaced with my function, which does something else. How can I do this without changing this executable file? Answer: Take a look at LD_PRELOAD. That environment va…
Tag: hook
Receiving socket information from netfilter NF_INET_PRE_ROUTING hook function in Linux kernel
I wrote a netfilter hook function for incoming packets in the Linux kernel. Is there a way to get the receiving socket information from the hook function? The code is Let's assume I have a UDP socket open at port 15000 and a UDP packet arrives at port 15000. In the above written hook function how can I access the …
Hook and block globally mouse in X11
I need to hook globally mouse clicks and block last click if delay between two clicks is less than was set. I wrote it for Windows using WM_MOUSE_LL hook. I was unable to find any solution for me. Is it even possible to globally block mouse click in X11? Windows full code Answer: As far as I know the
Linux filesystem nesting and syscall hooking
Using the 2.6.32 Linux kernel, I need to use a specific filesystem on a block device partition and I want to hook open/write/read/close (and few others) syscalls to read/write, in another fashion than the specific filesystem, what should be written on this partition. It would be only for this partition, o…
How to slow all time measurements of a process?
I’d like to make an application believe that time is going faster/slower than real time. I.e. I need to make all the time measurement APIs return t0+dt*s with user-defined s when t0+dt is real time. This would affect anything like gettimeofday() as well as timer_gettime() and all related functions and m…
Limiting syscall access for a Linux application
Assume a Linux binary foobar which has two different modes of operation: Mode A: A well-behaved mode in which syscalls a, b and c are used. Mode B: A things-gone-wrong mode in which syscalls a, b, c and d are used. Syscalls a, b and c are harmless, whereas syscall d is potentially dangerous and could cause in…