ftrace-hook Linux kernel module demonstrating usage of ftrace framework for function hooking: as in executing arbitrary code around the hooked function. The code is licensed under GPLv2. How to build Please consider using a virtual machine (VirtualBox, VMware, QEMU, etc.) for experiments. The (...
Using ftrace: // write the hook array in the header file struct ftrace_hook hooks[] = { HOOK("__x64_sys_mkdir", hook_mkdir, &orig_mkdir), HOOK("__x64_sys_getdents", hook_getdents, &orig_getdents) }; // install the hooks at module initialization fh_install_hooks(hooks, ARRAY_SIZE(hooks)); // remove the hooks at module unload fh_remove_hooks(...
# # Automatically generated file; DO NOT EDIT. # Linux/x86 6.1.21.21 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (Ubuntu 11.1.0-1ubuntu1~20.04) 11.1.0" CONFIG_CC_IS_GCC=y CONFIG_GCC_VERSION=110100 CONFIG_CLANG_VERSION=0 CONFIG_AS_IS_GNU=y CONFIG_AS_VERSION=23400 CONFIG_...
$ cd ftrace-hook $ make make -C /lib/modules/4.9.0-5-amd64/build M=/home/ilammy/dev/ftrace-hook modules make[1]: Entering directory '/usr/src/linux-headers-4.9.0-5-amd64' CC [M] /home/ilammy/dev/ftrace-hook/ftrace_hook.o Building modules, stage 2. MODPOST 1 modules CC /hom...
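[Linux kernel debugging] Using Ftrace to hook Linux kernel functions [Linux kernel debugging] Comparison of the ftrace/kprobes/SystemTap kernel debugging methods [KVM] Learning KVM: implementing your own kernel Reference: linux-security-papers linux-kernel-exploitation GoSSIP_Software Security Group Why are these the best GitHub projects? Technology is developing faster than ever before, and technology is...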
You can do this to search for PIDs, hidden directories for example. By disabling ftrace you basically make any ftrace hook useless, but if you enable it again, the hooks will work again. (remembering that there are ways to protect your rootkit that uses ftrace from being bypassed in this ...
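Project address: https://github.com/Tencent/libco libco uses just a few function interfaces, co_create/co_resume/co_yield, together with co_poll, to support both synchronous and asynchronous styles of writing, as easily as a thread library. The library also provides hooks for the socket family of functions, so that backend logic services can be converted to asynchronous operation with almost no changes to their logic code.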
ilammy/ftrace-hook Using ftrace for function hooking in Linux kernel C 26672 Updated Mar 21, 2021 nluedtke/linux_kernel_cves Tracking CVEs for the linux Kernel Vue 74475 Updated Apr 9, 2024 torvalds/linux Linux kernel source tree C 190,22655,290 Updated Mar 25, 2025 ...
hook <Function> (Linux) kill/tkill <Signal> (Linux/MacOS) limitcpu <CPU> (Linux) limitcpuset <CPU> (Linux) limitmem <Memory> (Linux) limitpid <Task> (Linux) limitread <I/O> (Linux) limitwrite <I/O> (Linux) pause <Thread> (Linux) remote <Command> (Linux) rlimit <Resource> (...