Method and system for identifying and replacing system calls

Method and system for identifying and replacing system calls

One embodiment of the system disclosed herein facilitates identifying a system call in an application and replacing the identified system call with a customized function call. During operation, the system executes an executable file of the application, wherein the executable file has been modified t...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Newell Craig, Jawa Manish, Tebeka Haim
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
WIRELESS COMMUNICATIONS NETWORKS
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:One embodiment of the system disclosed herein facilitates identifying a system call in an application and replacing the identified system call with a customized function call. During operation, the system executes an executable file of the application, wherein the executable file has been modified to execute a hooking and injection manager at run time. Prior to executing the system call, the system executes the hooking and injection manager. While executing the hooking and injection manager, the system determines, from a symbol table, a symbol table index value corresponding to a symbol associated with the system call. The system further determines an import table entry storing a pointer to the system call based on the symbol table index value, and changes the pointer in the import table entry so that the pointer indicates an address of the customized function call.