inject getpeerucred library call into victim process

Process Control Library (libproc, -lproc)
#include <libproc.h>

pr_getpeerucred(struct ps_prochandle *P, int fd, ucred_t **ucp);

The pr_getpeerucred() function injects the getpeerucred(3C) library call into the target process P by means of the agent LWP. If the process handle P is NULL then this is equivalent to calling getpeerucred(3C) on the currently running process.

The arguments fd and *ucp have the same meaning as in getpeerucred(3C). See getpeerucred(3C) for the full description and purpose of the getpeerucred library call and its arguments.

The pr_getpeerucred() function only works on active processes. Process handles that correspond to core files, zombie processes, or ELF objects do not support library call injection.

Upon successful completion, the pr_getpeerucred() function's return value is that described in getpeerucred(3C). Otherwise, -1 is returned and errno is set to ENOSYS to indicate that the library call could not be injected.

For a full list of possible errors see the ERRORS section in getpeerucred(3C).

The pr_getpeerucred() function will fail if:

An error occurred while trying to invoke the agent LWP and inject a library call in the process handle P or the process handle P does not support library call injection.


See LOCKING in libproc(3LIB).

getpeerucred(3C), libproc(3LIB), proc(5)
May 11, 2016 OmniOS