reading process memory
Pranav Peshwe
pranavpeshwe at gmail.com
Fri Jun 9 02:39:48 UTC 2006
On 6/7/06, Tofik Suleymanov <secnews at oxygen.az> wrote:
>
> Hello, folks
>
> I believe that it is possible to read contents of the memory
> used/utilized by a process (assuming right privileges).
> First i've tried to do this through procfs by reading 'mem' property of
> the given process, but no success.
> Maybe there is another way of doing such things ?
> Any clue would be appreciated.
If i understood correctly what you wish to do,then you can
use the proc_rwmem() function in the kernel.But ofcourse,
it can only be used through a KLD or directly through
the kernel src.This is what ptrace ultimately uses.
For 5.4 stable you can find it here :
http://fxr.watson.org/fxr/ident?v=RELENG54&i=proc_rwmem
HTH.
Regards,
Pranav
--------------------------------------------------------
UNIX is a computer virus with an interface.
-- The UNIX-HATERS Handbook
More information about the freebsd-questions
mailing list