问题描述
是否有等效的ReadProcessMemory窗口函数用于在另一个过程存储器中进行读取(或写入)?我试图预加载共享库,也尝试调试(ptrace,peek和poke内存).似乎可行,但我想知道是否没有最简单的方法...
Is there an equivalent of ReadProcessMemory windows function for reading (or writing) in another process memory ?I have tried to preload a shared library, i have also tried to debug (ptrace, peek and poke memory). It seems to work, but i am wondering if there is not a simplest way...
推荐答案
是:人ptrace ( PTRACE_PEEKDATA
等)
ptrace
接口是UNIX通用的,与 ELF
没有任何关系(即,它也适用于使用 COFF
的系统,或 AOUT
作为其常规可执行格式).
The ptrace
interface is generic to UNIX, and has nothing to do with ELF
(i.e. it also works on systems that use COFF
, or AOUT
as their normal executable format).
在大多数UNIX平台上,这是 only 方式.
It's the only way on most UNIX platforms.
在Linux上,您还可以读/写/proc/$ pid/mem
.但是请注意,许多内核出于安全原因而禁用了此功能(具有可读写的文件表示巨大安全攻击面).
On Linux, you could also read/write /proc/$pid/mem
. Note however, that many kernels disable this for security reasons (having this file read/writable presents a huge security attack surface).
在Solaris上,存在不同的/proc
接口,但是(据我所知)尚未在其他任何系统上采用.
On Solaris, there has been a different /proc
interface, but (as far as I can tell) it has not been adopted on any other system.
这篇关于ELF在其他过程存储器中读/写的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!