Finding static function address in linux library

Question

I need to find address of a static function in a linux library for hooking.

I tried using dlopen() and dlsym() but it didn't work.

Is there any way to find it? Or how to iterate through library's memory so I can do a pattern scanning?

I don't have the library's source code. – Bien Pham Nov 14 '14 at 13:27 — Bien Pham, Nov 14 '14 at 13:27

score 1 · Answer 1 · answered Nov 14 '14 at 03:45

1

Unless there is an entry in the library's export table, you will have to do some reverse engineering to discover where it is (if it was compiled as what could be identified as a single function in the first place, that is).

Unfortunately, there seems to be no such entry. If you have the source code, you could try compiling just that function into a separate binary using your best guess for whatever options were used with the module of interest -- at least you'd have a pattern to try matching.

answered Nov 14 '14 at 03:45

defube

2,395
1
22
34

I can find where it is in the library, but I'm afraid that it will change between builds (I'm modding a game), so I want to use dlsym() or real time memory scanning, but it seems that dlsym() won't work with static function. – Bien Pham Nov 14 '14 at 09:37

Finding static function address in linux library

1 Answers1