"Elvis Y. Tamayo Moyares" writes:
> It's true. I managed to hook into the kernel 2.4 and 2.6 using LKM but
> how can do it in 2.6.30 or higher, not let me change the syscall
> table references ...
> when I add the LKM to stdout I get 'Killed'.
> and when I try to remove the LKM tells me that is
Hi...
On Thu, Apr 8, 2010 at 01:01, Elvis Y. Tamayo Moyares
wrote:
> It's true. I managed to hook into the kernel 2.4 and 2.6 using LKM but how
> can do it in 2.6.30 or higher, not let me change the syscall table
> references ...
> when I add the LKM to stdout I get 'Killed'.
> and when I try to
It's true. I managed to hook into the kernel 2.4 and 2.6 using LKM but
how can do it in 2.6.30 or higher, not let me change the syscall
table references ...
when I add the LKM to stdout I get 'Killed'.
and when I try to remove the LKM tells me that is in use.
In some sites say that around 2.6
Hello Elvis,
There are numerous ways you can do, once you have root privilege.
But if you don't, it is probably impossible without some illegal way.
Actually, system call hooking itself is not very proper thing even for
people with root,
but you can refer to many linux rootkit codes available in
hi list
I need to hook a system call in kernel 2.6,for kernel 2.6.30 or higher
it is very dificulty. I have read in some places and tell me that in
these versions the system call table is read only. Is there any way to
hook a system call in kernel 2.6.30 or higher?
thanks in advance
--
