reading process memory

Pranav Peshwe pranavpeshwe at
Fri Jun 9 02:39:48 UTC 2006

On 6/7/06, Tofik Suleymanov <secnews at> wrote:
> Hello, folks
> I believe that it is possible to read contents of the memory
> used/utilized by a process (assuming right privileges).
> First i've tried to do this through procfs by reading 'mem' property of
> the given process, but no success.
> Maybe there is another way of doing such things ?
> Any clue would be appreciated.

If i understood correctly what you wish to do,then you can
 use the proc_rwmem() function in the kernel.But ofcourse,
it can only be used through a KLD or directly through
the kernel src.This is what ptrace ultimately uses.

For 5.4 stable you can find it here :



UNIX is a computer virus with an interface.
 -- The UNIX-HATERS Handbook

More information about the freebsd-questions mailing list