Find workaround to finding the 'sys_call_table' address

Question

Find workaround to finding the 'sys_call_table' address

Opened this issue 2 years ago · 1 comments

In recent linux versions, the export to the function 'kallsyms_lookup_name' has been removed and therefore we cannot use it.
We need to find a workaround to finding 'sys_call_table' address so we can hook syscalls.

Answer 1 · 2022-04-09T20:34:24.000Z

use rat boot to find syscall table and pass it as command params