Vulnerability Development mailing list archives
Re: Capturing System Calls
From: cbell () JAYHAWKS NET (Christofer C. Bell)
Date: Thu, 22 Jun 2000 11:24:52 -0500
On Thu, 22 Jun 2000, Green Charles Contr AFRL/IFGB wrote:
On UNIX Systems, (FreeBSD, Linux, Solaris) is there a way to capture/modify system calls calls from an application with out modifying the kernel (or using kernel modules) - preferably in userspace? The reason I ask is that a group of us are being asked to evaluate a piece of software for my company but they've put some heavy restrictions on how we do it. One of the restriction is that we're not allowed to modify the kernel.
You can view system calls on Linux with strace(1), library calls with ltrace(1). On FreeBSD you can use ktrace(1), and on Solaris you can use truss(1). Each has documentation that comes with the OS. I hope this points you in the right direction. Good luck! -- Chris
Current thread:
- Re: Another new worm??? (technical), (continued)
- Re: Another new worm??? (technical) Pierre Vandevenne (Jun 22)
- Re: Another new worm??? (technical) Bluefish (Jun 23)
- Re: Another new worm??? (technical) Pierre Vandevenne (Jun 23)
- Re: Another new worm??? (technical) Max Vision (Jun 23)
- Re: Another new worm??? (technical) Pierre Vandevenne (Jun 23)
- Re: Another new worm??? (technical) Max Vision (Jun 23)
- Re: Another new worm??? (technical) Pierre Vandevenne (Jun 23)
- Re: Another new worm??? (technical) Bluefish (Jun 23)
- Re: Another new worm??? (technical) Bluefish (Jun 23)
- Capturing System Calls Green Charles Contr AFRL/IFGB (Jun 22)
- Re: Capturing System Calls Christofer C. Bell (Jun 22)
- Re: Capturing System Calls Steve Mosher (Jun 22)
- Re: Capturing System Calls Chon-Chon Tang (Jun 22)
- Re: Capturing System Calls Jonathan Leto (Jun 22)
- Re: Capturing System Calls Michal Zalewski (Jun 22)
- Re: Capturing System Calls Ryan Permeh (Jun 22)
- Re: Capturing System Calls Pavel Kankovsky (Jun 22)
- Re: Capturing System Calls Todd Garrison (Jun 22)
- Re: Capturing System Calls Andrew Reisse (Jun 22)
- Re: Capturing System Calls Rajiv Dighe (Jun 22)
- Re: Capturing System Calls Granquist, Lamont (Jun 22)