Giter Site home page Giter Site logo

kallsyms_lookup_name_finder's Introduction

kallsyms_lookup_name

As of Linux Kernel version 5.7.0 the function kallsyms_lookup_name is no longer exported to kernel modules. This was a convenient way to lookup the the sys_call_table when hacking on LKM rootkits and other such things. I came across a few other hackers looking for interesting ways to get around the problem too which inspired me to maintain a list of ways to work around the issue per kernel version.

Building

Dependencies

Install the packages required to build kernel modules on your system.

For Fedora where I did my testing:

sudo dnf install -y kernel-headers kernel-devel make gcc

Make

Beside building the module the Makefile has some other admin tasks available.

# Build the module
$ make build
# insmod kallsyms_lookup_name_finder.ko
# insmod kallsyms_lookup_name_finder.ko my_kaddr=$(grep -ioP '\K[a-f0-9]+ (?=T kallsyms_lookup_name)' /proc/kallsyms)

Contribution

If you have another way to find kallsyms_lookup_name() please:

  • create a pull request
    • credit the author in the code comments
    • include checks for kernel version support
    • follow the output format

kallsyms_lookup_name_finder's People

Stargazers

avatar

Watchers

alternate avatar

Forkers

tyyy258 dreydengys

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.