【Mac hook—DYLD_INSERT_LIBRARIES】
1、gcc生成dylib。
gcc -dynamiclib -o mysharedlib.dylib mysharedlib.c
2、gcc生成dylib,指定flatnamespace。
gcc -flat_namespace -dynamiclib -o openhook.dylib openhook.c
3、如何Hook?
dani-2:test leedani$ export DYLD_FORCE_FLAT_NAMESPACE=1 dani-2:test leedani$ export DYLD_INSERT_LIBRARIES=openhook.dylib dani-2:test leedani$ ./main --------zz------hello,dani
4、Mac offers a way to override functions in a shared library with DYLD_INSERT_LIBRARIES environment variable (which is similar to LD_PRELOAD on Linux). When you make a twin brother of a function that is defined in an existing shared library, put it in you a shared library, and you register your shared library name in DYLD_INSERT_LIBRARIES, your function is used instead of the original one. This is my simple test. Here I’ve replaced f() in mysharedlib.dylib with f() in openhook.dylib.
5、关于DYLD_INSERT_LIBRARIES & DYLD_FORCE_FLAT_NAMESPACE
参考:
1、http://www.h4ck.org.cn/2013/04/hooking-library-calls-on-mac-using-dyld_insert_libraries/
2、http://blog.sina.com.cn/s/blog_45e2b66c0101cde0.html
