mirrord internals - hooking libc functions in Rust and fixing bugs

This page summarizes the projects mentioned and recommended in the original post on dev.to

Our great sponsors
  • Zigi - The context switching struggle is real
  • InfluxDB - Build time-series-based applications quickly and at scale.
  • Scout APM - Truly a developer’s best friend
  • SonarLint - Clean code begins in your IDE with SonarLint
  • mirrord

    Connect your local process and your cloud environment, and run local code in cloud conditions.

    mirrord lets you run a local process in the context of a cloud service, which means we can test our code on staging, without actually deploying it there. This leads to shorter feedback loops (you don’t have to wait on long CI processes to test your code in staging conditions) and a more stable staging environment (since untested services aren’t being deployed there). There is a detailed overview of mirrord and what we strive to achieve with it in this blog post.

  • frida-gum

    Cross-platform instrumentation and introspection library written in C

    LD_PRELOAD1, available as an environment variable, is a feature provided by dynamic linkers like ld.so that lets us load a shared library into a process before the process loads anything else. In our case, we use LD_PRELOAD to load mirrord-layer, which overrides libc functions with a custom implementation. By overriding file and socket functions, we can then transparently plug the process into the remote pod, having it read and write files and traffic remotely without changing a single line of code. Overriding these libc functions on different systems would have been a difficult task and this is where Frida-gum comes to save the day through its inline hooking interceptor.

  • Zigi

    The context switching struggle is real. Zigi makes context switching a thing of the past. It monitors Jira and GitHub updates, pings you when PRs need approval and lets you take fast actions - all directly from Slack!

  • frida-rust

    Frida Rust bindings

    The complete crate for the example above is available here.

  • metalbear.co

    MetalBear main website

    Hope you enjoyed reading the post! Please feel free to reach out to me with feedback at [email protected]metalbear.co/Discord, or provide any suggestions/open issues/PRs on our website.

  • ghidra-scripts

    A collection of my Ghidra scripts to facilitate reverse engineering and vulnerability research.

    I will be using Ghidra here, a reverse engineering toolkit that comes in super handy when decompiling a binary. So let’s load our node binary into Ghidra and analyze it!

  • InfluxDB

    Build time-series-based applications quickly and at scale.. InfluxDB is the Time Series Data Platform where developers build real-time applications for analytics, IoT and cloud-native services in less time with less code.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts