Loading ...
Sorry, an error occurred while loading the content.

Re: [hackers-il] dumpmem, a toy^H^H^Htool to dump a process's memory

Expand Messages
  • Muli Ben-Yehuda
    ... Right now, it s a toy. If developed further, it could be used for disassembling a program in memory, or for searching a program s memory space for
    Message 1 of 5 , Nov 6, 2002
    • 0 Attachment
      On Wed, Nov 06, 2002 at 01:00:28PM +0200, Nadav Har'El wrote:

      > Can you give an example of some uses of this tool?

      Right now, it's a toy. If developed further, it could be used for
      disassembling a program in memory, or for searching a program's memory
      space for sensitive data. Other uses include debugging and taking a
      snapshot of a program's memory - now that I think of it, it might be
      posssible to implement a limited exec() completely in userspace, by
      replacing the process's memory contents with the memory contents of
      another process. It will certainly be possible to do self modifying
      code tricks. Quite enough for a toy, isn't it? ;-)
      --
      Muli Ben-Yehuda http://www.mulix.org/
      mulix@...:~$ sctrace strace /bin/foo http://syscalltrack.sf.net/
      Quis custodes ipsos custodiet? http://www.mulix.org/cv.html
    Your message has been successfully submitted and would be delivered to recipients shortly.