photo
Jordan Sissel
geek

Fri, 03 Aug 2007

Overriding shared library functions

Long story short...

File: 'connect.over' contains 

#include <netinet/in.h>

override(`connect', `
  {
    // code to inject before the connect() call is actually made
  }
')
Output is 'connect.so' which overrides libc's connect function. 
% LD_PRELOAD=./connect.so nc google.com 80
stream connect: fd=3 host=64.233.187.99:80
% LD_PRELOAD=./connect.so nc -u 129.21.60.9 53 
dgram connect: fd=3 host=129.21.60.9:53
% LD_PRELOAD=./connect.so ssh scorn           
stream connect: fd=3 host=129.21.60.26:22
stream connect: fd=4 host=109.112.47.115:12148
scorn(~) %
The output by nc was due to my function above outputting this.

The strange ssh connection on fd=4 above is seemingly due to ssh calling connect() on a tty? fstat says: 

jls      ssh         3221    4 /dev        122 crw--w----   ttypd rw
inode 122 on /dev is /dev/ttypd.

Comments: 2 (view comments)
Tags: , , ,
Permalink: /geekery/overriding-shared-library-functions
posted at: 22:16

2 responses to 'Overriding shared library functions'

Robert Peaslee posted at Tue Sep 4 14:47:35 2007...
This is an old trick, but cool nontheless.

Any ideas on how to make replacement shared libs work by default for all users without root access? ;)

Jordan Sissel posted at Tue Sep 4 16:22:45 2007...
Are you asking "How can I do <thing that requires root> as non-root?" ?

Yes, it's an old trick, but the good thing about my implementation is that it's trivial to inject functionality (it's an m4 script that generates C code, which gcc turns into a .so) rather than having to write it all yourself.

Leave a reply

You need javascript enabled to use this form. Anti-spam efforts ongoing. Also, if the comment doesn't show up, it's because the form expired. Go back and copy your comment, reload the form, and resubmit. Apologies if this is a hassle, I'm just playing with antispam methods right now. If this insists on not working, please email me about it.

Name (required)
E-mail (optional. Not posted or recorded anywhere, ever)
URL (also optional)
Comment:

Search this site

Navigation

Metadata

Home About Resume My Code

Articles

ARP Security Dynamic DNS with DHCP OpenLDAP+Kerberos+SASL PPP over SSH SSH Security: /bin/false Week of Unix Tools Work Efficiency

Projects

fex firefox tabsearch firefox urledit grok keynav liboverride newpsm (FreeBSD) nis2ldap pam_captcha poor man's backup Solaris audio utility xboxproxy xdotool xmlpresenter xpathtool misc scripts

Presentations

Yahoo! Hack Day '06 Unix Essentials Vi/Vim Essentials

Tag Cloud

Calendar

< August 2007 >
SuMoTuWeThFrSa
    1 2 3 4
5 6 7 8 91011
12131415161718
19202122232425
262728293031 

Friends

BarCamp Kent Brewster Tantek Çelik John Resig Wesley Shields Tyler Shields

Technorati