problem...
Good someone willing to help. Basicly I'm experimenting with classical
buffer overflow exploits and none of them seem to be working any longer -
causes either segfault or illegal instruction.
Take care,
Lech
--
To unsubscribe from this list: send an email with
unsubscribe kernelnewbies
Ok, I got it:
http://kerneltrap.org/node/644
--
To unsubscribe from this list: send an email with
unsubscribe kernelnewbies to ecar...@nl.linux.org
Please read the FAQ at http://kernelnewbies.org/FAQ
seem to not work any longer,
even with _va_space_randomize_ switched of - or I'm just to wooden-headed
to do that / to desperate ?
Peace,
Lech
--
To unsubscribe from this list: send an email with
unsubscribe kernelnewbies to ecar...@nl.linux.org
Please read the FAQ at http://kernelnewbies.org/FAQ
,
--
Regards,
Lech
--
To unsubscribe from this list: send an email with
unsubscribe kernelnewbies to [EMAIL PROTECTED]
Please read the FAQ at http://kernelnewbies.org/FAQ
modifies
the memory to enable hooks, but in x86 architectures you have debug
registers available to set the traps in the very processor.
--
Regards,
Lech
--
To unsubscribe from this list: send an email with
unsubscribe kernelnewbies to [EMAIL PROTECTED]
Please read the FAQ at http
in routine that seeks
for syscall table. Then you would exchange pointer to unlink with pointer
to your function, and your function after doing its job (logging) would in
turn call original unlink.
Regards,
Lech
--
To unsubscribe from this list: send an email with
unsubscribe kernelnewbies
: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
there is only 4 debug registers available, whereas kprobe allow
limitless (almost) numbers of probe points.
Well yes - but if you want to trace syscalls you can just set the trap for
the call gate.
--
Regards,
Lech