Questions tagged [uprobe]

I've been playing with uprobes. In order to probe a specific object in runtime, I need to know the size of internal go struct. In my case, the poll.FD. I could count each nested struct manually, but this could increase the complexity if we are…

I came from this article: https://blog.quarkslab.com/defeating-ebpf-uprobe-monitoring.html and this worked well for me: # First log-in as root. # This line creates a uretprobe named bashReadline at offset 0xd5690 of /bin/bash program that prints…