Skip to content

shubham0d/low-level-hooker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
call_hooker.c
call_hooker.c
 
 
test_caller.c
test_caller.c
 
 
test_export.c
test_export.c
 
 

Repository files navigation

low-level-hooker

Hook linux kernel functions without using ftrace or kprobe.
Note: It's a learning project developed in two day. Things may not work properly in your environment.

Usage

  • Open call_hooker.c
  • Define you hooked funtion prototype and required code inside it in similar way done for hookers_piston which is hook for add_num.
  • Change the mentioned three line in my_init() according to your target and hook funtion.
  • test_export.c contain example funtion add_num() which the current setup is hooking. test_caller.c is module that is calling add_num().
  • Compile the all the module using make
  • Import test_export.ko then our hooking module call_hooker.ko then test_caller.ko to see results. Importing command - insmod module_name

Testing

Tested on Debian Stretch

About

A linux kernel funtions hooking module

Resources

Readme

License

MIT license
Activity

Stars

10 stars

Watchers

3 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages