Hacker News
by
harryfyx
1024 days ago
I don't know reverse engineering. But I guess the ultimate solution would be running a custom OS to fake ptrace results at the kernel level?
2 comments
scandinavian
1023 days ago
You can just use LD_PRELOAD to load your own version of ptrace. Not as stealthy though.
pizzapim
1023 days ago
Another way is to load an eBPF program or kernel module for this purpose.