File tree Expand file tree Collapse file tree 1 file changed +46
-0
lines changed
Expand file tree Collapse file tree 1 file changed +46
-0
lines changed Original file line number Diff line number Diff line change 1+ ### function-interceptor
2+
3+ This project demonstrates how to hook functions through the [ funchook] ( https://github.com/kubo/funchook ) library
4+
5+ ### Requirements
6+
7+ - g++ compiler
8+ - cmake
9+ - python3
10+ - frida: https://frida.re
11+
12+ ### Preparing
13+
14+ ``` bash
15+ # install dependencies
16+ pip install frida
17+
18+ # change the ptrace_scope for frida
19+ sudo sysctl kernel.yama.ptrace_scope=0
20+
21+ # build c++ project
22+ ./build.sh
23+ ```
24+
25+ ### Running
26+
27+ ``` bash
28+ # run program (it is assumed that in different terminals)
29+ LD_LIBRARY_PATH=./build/bin ./build/bin/program
30+
31+ # attach `./build/bin/libhook.so` to `$(pidof program)`
32+ ./scripts/loader.py $( pidof program)
33+ ```
34+
35+ ```
36+ exampleFunction(a=1, b=2, c=3)
37+ ret = 48
38+
39+ handle = 0x7f79317921e0
40+ exampleFunction_original = 0x7f793178e120
41+
42+ exampleFunction(a=1, b=2, c=3)
43+ [+] org ret = 48
44+ [+] exampleFunction_hook(a=1, b=2, c=3)
45+ ret = 42
46+ ```
You can’t perform that action at this time.
0 commit comments