Hi, I have read on inline hooking as specified, but am confused by it's purpose. What i understood from inline hooking is that it replaces functions within the respective systemcall definitions.
I am trying to capture/intercept the parameters passed by applications in user-space. For this purpose I have hooked into systemcall table but not sure how to proceed as I am not sure how to use the system calls to capture the data. The purpose is just to show to users the parameters. Any idea how to proceed? Thanks in Advance, Perumal On Dec 23, 12:37 pm, Peter Teoh <[email protected]> wrote: > many examples in the web....keyword to search is "inline > hooking"....so for eg: > > http://www.google.com/search?hl=en&num=100&q=inline+hooking+linux+ker... > > and among the first few links: > > http://www.hackbase.com/tech/2009-05-06/52605.html > > or here (same article): > > http://www.router.net.cn/Article/21289.html > > (orhttp://www.neeao.com/pstzine/0x03/pdf/PSTZine_0x03_0x03.pdf)....commu... > is chinese...but C is universal language :-). > > On Dec 22, 5:08 pm, perumal316 <[email protected]> wrote: > > > Hi, > > > I have hooked into the system call table in Linux v2.6 and replaced > > system calls with my own functions. What I am trying now is to capture > > the arguments/data/parameters passed by applications when they invoke > > the system calls. Any idea how do I capture these parameters? > > > Thanks in Advance, > > Perumal
