#include <string.h>#include <errno.h>#include <stdio.h>#include <sys/ptrac

1. #include <string.h>
2. #include <errno.h>
3. #include <stdio.h>
4. #include <sys/ptrace.h>
5. #include <sys/types.h>
6. #include <sys/wait.h>
7. #include <sys/user.h>
8. #include <sys/reg.h>
9. #include <sys/syscall.h>
10. #include <unistd.h>
11.  
12. int main()
13. {
14.  
15.     struct user data;
16.  
17.     pid_t child;
18.     child = fork();
19.     long sys = -2;
20.     if(child == 0) {
21.         ptrace(PTRACE_TRACEME, 0, NULL, NULL);
22.         execl("/bin/ls", "ls", NULL);
23.     }
24.     else while (sys != 60 and sys != -1)
25.     {
26.         if (sys == -2)
27.             wait(NULL);
28.         // Get syscall:
29.         if (ptrace(PTRACE_SYSCALL,child, NULL ,NULL) == -1)
30.             fprintf(stderr,"Syscall failed: %s\n", strerror(errno));
31.         wait(NULL);
32.         // Check syscall:
33.         sys = ptrace(PTRACE_PEEKUSER,child, ((long long)&data.regs.orig_rax - (long long)&data), NULL);
34.         if (sys == -1)
35.             fprintf(stderr,"Syscall failed: %s\n", strerror(errno));
36.         else
37.             fprintf(stderr,"Syscall called: %d\n",(int)sys);
38.     }
39.     return 0;
40. }