[Gammaray-interest] New plugin idea: Event inspector

Christian Gagneraud chgans at gmail.com
Tue Sep 19 07:11:33 CEST 2017


On 18 September 2017 at 14:52, Christian Gagneraud <chgans at gmail.com> wrote:
> On 18 September 2017 at 08:25, Milian Wolff <milian.wolff at kdab.com> wrote:
> [...]
>>>
>>> I'm reading this right [1] now, it's called "Cheating the ELF -
>>> Subversive Dynamic Linking to Libraries".
>>> AFAIU, he's talking about manipulation of the PLT of an ELF image.
>>> Which is, I think, what I would like to achieve: replace a symbol with
>>> another one of my choice, and still be able to call the original
>>> symbol.
>>> Now, this does not seem easy....
>>
>> You can have a look at the heaptrack injector code, which does just that.
>
> Yes, it is very interesting indeed, thanks for the pointer!

Using this technique I was able to substitute Qt's dynamic symbols (e.g.,
qt_startup_hook) in a simple Qt application.
And I now understand what this QtCore.dyn file is all about! ;)

Using the Loadable program segment, I can as well wrap any Qt function
used by the program (QObject::EventFilter, ...).

But I would like to do the same on the program's own code... which is a
different story.

Chris

