0

I have running process that I want to hook on specific function.

The main idea was killing the process and run it again with LD_PRELOAD and that work.

The problem is that I don't want to kill the process,or using ptrace (because I don't want to set the process under debugging state all the time)

Is there any way to use LD_PRELOAD on running process?

I assume the I need to load the so into the process memory and change the import table.

yfr24493AzzrggAcom
  • 159
  • 1
  • 2
  • 13

1 Answers1

1

This isn't possible in general if you can't use ptrace. The problem is that unlike PTRACE_POKETEXT, process_vm_writev can't write to read-only pages. On modern systems with RELRO and such, anything that you could overwrite to accomplish your goal will be read-only after the process starts.

Joseph Sible-Reinstate Monica
  • 45,431
  • 5
  • 48
  • 98