Blog Archive
2013
Tags
API import, Assembly Language, blog, exception handling, export table, Linux, low level development, Low level programming, obfuscation, sigaction, signal, software protection, structured exception handling, system programming, vectored exception handling, windows internals
System Programming Blog
2023-02-07 09:31:00
This blog is dedicated to low level programming in Assembler and C/C++ (although, C++ is unwelcome) in either *Nix or Windows based operating systems.
Showing 4 posts for tag 'kernel module'
Linux Loadable Kernel Module in Assembly
April 3, 2015
I have recently seen tones of posts about writing kernel module for a pre-compiled kernel on the Internet. Guys are doing good work, but there is one thing that I personally did not like - they all refer you to the configuration file for such kernel, which may be obtained this way or the other. Well, having configuration of the running kernel makes it almost no different from building a module for a kernel you compiled yourself (just almost). The bottom line - you want something to be done your way, do it yourself.
Tags: 64-bit, Assembly Language, kernel, kernel module, Linux, low level development, system internals, system programming
Hijack Linux System Calls: Part III. System Call Table
October 13, 2011
This is the last part of the Hijack Linux System Calls series. By now, we have created a simple loadable kernel module which registers a miscellaneous character device. This means, that we have everything we need in order to patch the system call table. Almost everything, to be honest. We still have to fill the our_ioctl function and add a couple of declarations to our source file. By the end of this article we will be able to intercept any system call in our system should there be a need for that.
Tags: miscellaneous character driver, device drivers, kernel, kernel module, Linux, low level development, misc_register, misc_unregister, sys_call_table, system call, system internals, system programming
Hijack Linux System Calls: Part II. Miscellaneous Character Drivers
October 12, 2011
We all know what device drivers are - the hands of the operating system that make it possible for the kernel to handle hardware. We also know that there are two types of devices - character and block, depending on the way they handle data transmissions, but what does "miscellaneous" device mean? To put it simple - it means what it means. On one hand, this may be a driver that handles simple hardware, on the other hand, it is the way Linux allows us to create virtual devices, as one of the ways to communicate with kernel modules, which is exactly what we need in order to hijack Linux System Calls.
Tags: device drivers, kernel, kernel module, Linux, low level development, misc_register, misc_unregister, miscellaneous character driver
Hijack Linux System Calls: Part I. Module
October 12, 2011
There are hundreds, if not thousands, of posts regarding this problem. Most of them are outdated, as they refer to older kernels (those, that still exported sys_call_table), others are about adding custom system call and recompiling the kernel. There are a few covering modern kernels, but those are brief and, mostly, only give you a general idea of how it works. I decided to make an in-depth description of the procedure and provide a working example.
Tags: kernel, kernel module, Linux, low level development, system internals

This site uses cookie files for our mutual comfort.

OK

BitMazing.tech
Services
Projects
About
Contact

Services
Reverse engineering
Software development
Database programming

Publications
Mastering Assembly Programming
Practical Assembly Programming
Copyright © 2023 Alexey Lyashko