Name	Name	Last commit message	Last commit date
parent directory ..
src	src
README.md	README.md
Taskfile.yml	Taskfile.yml

Name

Last commit message

Last commit date

README.md

Taskfile.yml

ptrace

A static-library proxy based on ptrace (X86-only)

Documentation

Running

Run without the proxy:

task run:no-proxy

Run with the proxy:

task run:proxy

Static Library Interception

Using /proc/[PID]/maps and libelf, it's possible to calculate a symbol's address in memory (Note: this should even work with ASLR). Once a symbol's address is known, ptrace can be used to insert debugging trap/breakpoint instruction inside of the target function. Then, whenever the target function is called, the process emits a SIGTRAP which is easily detected by the parent. See Eli Bendersky's website for more information.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

ptrace

Documentation

Running

Static Library Interception

FilesExpand file tree

ptrace

Directory actions

More options

Directory actions

More options

Latest commit

History

ptrace

Folders and files

parent directory

README.md

ptrace

Documentation

Running

Static Library Interception