Source |
Malware Hell |
Identifier |
8314732 |
Publication date |
2023-02-04 00:00:00 (viewed: 2023-03-01 20:12:23) |
Title |
Hooking C Runtime or libc |
Text |
Introduction: A friend at work asked me if we can actively change argc when executing a target program without modifying the target program. I was not sure at the time what the solution would be. However, after some thought, I thought about LD_PRELOAD and using it to hook specific functions. I figured, well, it probably won’t allow the hooking of libc, but in reality it does. This is of course interesting behavior that can be leveraged for offensive and defensive security research practices. |
Sent |
Yes |
Tags |
|
Stories |
|
Rating |
★★★
|