An example of Syscall Hooking
# insmod syshook.ko sys_call_table_addr="0xffffffff81401200"
$ ./gccrun 'exit(3);' # yes, gcc generates code using sys_exit_group instead
$ dmesg | tail -n1
[ 2351.072440] Hooked sys_exit_group (3)
# rmmod syshook
-
Notifications
You must be signed in to change notification settings - Fork 0
kernelbr/SyscallHookingLKM
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
An example of Syscall Hooking
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published