A Rust wrapper of pmem/syscallintercept, a system call intercepting library on x8664 Linux.
Install dependencies:
sh
sudo apt install cmake libcapstone-dev
Add the following lines to your Cargo.toml:
toml
[dependencies]
syscall-intercept = "0.1"
Define your syscall hook function:
```rust use syscall_intercept::*;
extern "C" fn hook( num: isize, a0: isize, a1: isize, a2: isize, a3: isize, a4: isize, a5: isize, result: &mut isize, ) -> InterceptResult { ... } ```
Enable or disable interception:
rust
unsafe { set_hook_fn(hook) };
unsafe { unset_hook_fn() };
Issue syscall without being intercepted:
rust
let ret = unsafe { syscall_no_intercept(libc::SYS_exit as _, 0) };
MIT License