Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Replacing Kernel Functions via a LKM

From: Denis.Ducamp () HSC FR (Denis Ducamp)
Date: Tue, 2 May 2000 02:53:13 +0200

On Thu, Apr 27, 2000 at 05:15:27PM -0700, Granquist, Lamont wrote:

Is there a way to intercept calls to a given function in the kernel via a
LKM?  Specifically I'd like to intercept proc_root_lookup() in in
fs/proc/root.c and replace it with my own procedure. (motivation for doing
so is left as an excersize to the reader)


That has been described for Linux 2.0 systems :
http://thc.pimmel.com/files/thc/LKM_HACKING.html
written by pragmatic / THC, version 1.0
released 03/1999

Some of those programs have been ported to 2.2 .

Then some have been "ported" to FreeBSD :
http://thc.pimmel.com/files/thc/bsdkern.html
written by pragmatic / THC, version 1.0
released 06/1999

And then to Solaris :
http://thc.pimmel.com/files/thc/slkm-1.0.html
Author: Plasmoid <plasmoid () pimmel com> / THC
Version 1.0  (c) 1999

Very good jobs, must read.

Denis Ducamp.

--
Denis.Ducamp () hsc fr -- Hervé Schauer Consultants -- http://www.hsc.fr/
Previous By Date Next
Previous By Thread Next

Current thread: