LinuxConsulting

- Nicu Pavel personal page

PaNiC Random Rant (or how we used to call it: .plan)


Thursday, June 18, 2009

Hijacking library calls


From time to time you might want to override a function call by a binary or library with your own supplied code. This might be useful for example binding a program to a certain address considering that the program doesn't have an option for that. It can also be used for debugging or other obscure tasks. The attached example it's pretty simple, it saves the real address of connect function from libc to a function pointer named real_connect, reads the address/port information from environment and issues the new parameters after the bind call has been performed to the real_connect function.

For your "library" to be preloaded it has to be added to /etc/ld.so.preload by simply doing:
echo "/path/to/libc-highjack.so" > /etc/ld.so.preload

To use it, before starting a program, export HIGHHACK_PORT and HIGHJACK_IP to the values that you need.

The compiling instructions are in the source code.


uploads-blog/libc-highjack.c

Labels: , ,

posted by panic @ 4:42 PM

0 Comments:

Post a Comment

<< Home

Search

Loading

Previous Posts