Using LD_PRELOAD to cheat, inject features and investigate programs

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  • frida

    Clone this repo to build Frida

  • A great framework for doing something along those lines is Frida (https://github.com/frida/frida). Works on a bunch of stuff, including Android and iOS. Some global-ish certificate pinning bypasses work through Frida, by patching http libraries to not raise exceptions, accept system certificates, etc and just quietly hum along instead. Certificate unpinning in turn enables network MITM with mitmproxy, which makes it a lot quicker and easier to inspect, block, or modify network traffic.

    Funnily enough, I've seen much stronger obfuscation from reverse engineering from my cheap Tuya IoT devices app than from my bank app.

  • proxychains

    proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" for SOCKS4/5, "basic" for HTTP.

  • Fun fact: proxychains uses LD_PRELOAD [0] to hook the necessary syscalls [1] for setting up a "proxy environment" for the wrapped program, e.g. `connect`, `gethostbyname`, `gethostbyaddr`, etc. Note this also implies that it could be leaky in some cases when applied to a program that uses alternative syscalls to make an external connection.

    [0] https://github.com/haad/proxychains/blob/master/src/proxycha...

    [1] https://github.com/haad/proxychains/blob/master/src/libproxy...

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
  • tup

    Tup is a file-based build system.

  • ClickHouse

    ClickHouse® is a free analytics DBMS for big data

  • QuAPI

    Library and tool to add assumption-support to generic SAT or QBF solver binaries using automated fork()ing and LD_PRELOAD (by maximaximal)

  • ld_preload-sounds

    Generates raw WAV output by hooking malloc() and read().

  • one of my favorite hacks, which started as a joke, is using LD PRELOAD to generate audio from memory allocation and read calls.

    https://github.com/gordol/ld_preload-sounds

    this started out as like 10-20 lines of terrible code originally, and a few people sent merge requests to improve it

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • The API database architecture – Stop writing HTTP-GET endpoints

    11 projects | news.ycombinator.com | 10 May 2024
  • We Built a 19 PiB Logging Platform with ClickHouse and Saved Millions

    1 project | news.ycombinator.com | 2 Apr 2024
  • Erasure Coding versus Tail Latency

    1 project | news.ycombinator.com | 28 Mar 2024
  • Build time is a collective responsibility

    2 projects | news.ycombinator.com | 24 Mar 2024
  • Writing UDF for Clickhouse using Golang

    2 projects | dev.to | 27 Feb 2024