PaNiC Random Rant (or how we used to call it: .plan)
Hijacking library calls
From time to time you might want to override a function call made by a binary or library with your own code. This can be useful, for example, for binding a program to a certain address when the program doesn't have an option for that. It can also be used for debugging or other obscure tasks. The attached example is pretty simple: it saves the real address of the connect function from libc in a function pointer named real_connect, reads the address/port information from the environment, performs the bind call with those parameters, and then calls the real_connect function.
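For your "library" to be preloaded, it has to be added to /etc/ld.so.preload, which applies to every dynamically linked program on the system. Note that > replaces any existing entries in that file (use >> to append):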
echo "/path/to/libc-highjack.so" > /etc/ld.so.preload
To use it, before starting a program, export HIGHHACK_PORT and HIGHJACK_IP to the values that you need.
The compiling instructions are in the source code.
uploads-blog/libc-highjack.c
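The interposer described above, as an added example in C (this is not the author's libc-highjack.c, which is not reproduced on this page). The HIGHJACK_IP and HIGHJACK_PORT spellings, the source_from_env helper and the libbindsrc.so file name are assumptions; real_connect is the pointer name the post uses.

```c
/* Added example, not the post's libc-highjack.c.
 * Build: gcc -shared -fPIC -o libbindsrc.so bindsrc.c -ldl
 * libbindsrc.so and the env var spellings are assumptions. */
#define _GNU_SOURCE
#include <arpa/inet.h>
#include <dlfcn.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#ifndef RTLD_NEXT   /* only visible if _GNU_SOURCE preceded every include */
#define RTLD_NEXT ((void *)-1L)   /* glibc's value */
#endif

static int (*real_connect)(int, const struct sockaddr *, socklen_t);

/* Fill *src from HIGHJACK_IP / HIGHJACK_PORT; 0 if usable, -1 if not. */
int source_from_env(struct sockaddr_in *src)
{
    const char *ip = getenv("HIGHJACK_IP");
    const char *port = getenv("HIGHJACK_PORT");
    char *end = NULL;
    long p = port ? strtol(port, &end, 10) : 0;  /* unset port: 0 = ephemeral */

    if (!ip || (port && (*port == '\0' || *end != '\0' || p < 0 || p > 65535)))
        return -1;
    memset(src, 0, sizeof(*src));
    src->sin_family = AF_INET;
    src->sin_port = htons((unsigned short)p);
    return inet_pton(AF_INET, ip, &src->sin_addr) == 1 ? 0 : -1;
}

/* Same name and signature as libc's connect(), so callers resolve to this. */
int connect(int fd, const struct sockaddr *dst, socklen_t len)
{
    struct sockaddr_in src;

    if (!real_connect)  /* next definition in search order, i.e. libc's */
        real_connect = (int (*)(int, const struct sockaddr *, socklen_t))
                       dlsym(RTLD_NEXT, "connect");
    if (!real_connect) { errno = ENOSYS; return -1; }
    /* Only IPv4 destinations are touched; bad or missing config is a no-op. */
    if (dst && dst->sa_family == AF_INET && source_from_env(&src) == 0 &&
        bind(fd, (struct sockaddr *)&src, sizeof(src)) != 0)
        return -1;  /* errno from bind() tells the caller why */
    return real_connect(fd, dst, len);
}
```

To affect a single program rather than the whole system, load the library with LD_PRELOAD=/path/to/libbindsrc.so instead of /etc/ld.so.preload. Statically linked binaries are not affected by either mechanism, and LD_PRELOAD is restricted for setuid programs.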
Labels: hacks, libc, programming
posted by panic @ 4:42 PM