1. 获取进程的所有PTE表项,从而得到所有物理地址
参考:https://www.cnblogs.com/pengdonglin137/p/6802108.html
通过 /proc/<pid>/pagemap 读取(自 Linux 4.0 起,只有具备 CAP_SYS_ADMIN 的进程才能读到 PFN;4.2 及之后的内核对非特权进程返回的 PFN 字段为 0)
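/*
 * pagemap: look up the physical frame behind one virtual address of a
 * process by reading the matching 64-bit entry of /proc/<pid>/pagemap.
 *
 * Usage: pagemap PID|self VIRTUAL_ADDRESS   (address in hexadecimal)
 *
 * Entry bits used below (Documentation/admin-guide/mm/pagemap.rst):
 *   bits 0-54  page frame number, meaningful when bit 63 is set
 *   bit  62    page is swapped
 *   bit  63    page is present
 *
 * Since Linux 4.0 the kernel only discloses PFNs to callers holding
 * CAP_SYS_ADMIN; from 4.2 on, unprivileged readers get a PFN field of 0.
 * A reported physical address is therefore only meaningful when the tool
 * runs with that capability.
 */
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <assert.h>
#include <errno.h>
#include <inttypes.h>
#include <limits.h>
#include <stdint.h>
#include <string.h>

/* Size in bytes of one pagemap entry. */
#define PAGEMAP_ENTRY 8
/* Fully parenthesized so the macros are safe inside larger expressions. */
#define GET_BIT(X, Y) (((uint64_t)(X) >> (Y)) & 1u)
#define GET_PFN(X) ((uint64_t)(X) & UINT64_C(0x7FFFFFFFFFFFFF))

/* Run-time byte-order probe: the first byte of the int 1 is 0 on big endian. */
static const int endian_probe = 1;
#define is_bigendian() ((*(const char *)&endian_probe) == 0)

int read_pagemap(const char *path_buf, unsigned long virt_addr);

/**
 * Parse "PID|self" and a hexadecimal virtual address, then print the
 * pagemap entry for that address.
 *
 * @return 0 on success, -1 on a usage error or when the lookup fails.
 */
int main(int argc, char **argv)
{
    char path_buf[0x100] = {0};
    char *end = NULL;

    if (argc != 3) {
        printf("Argument number is not correct!\n pagemap PID VIRTUAL_ADDRESS\n");
        return -1;
    }

    if (strcmp(argv[1], "self") == 0) {
        snprintf(path_buf, sizeof path_buf, "/proc/self/pagemap");
    } else {
        /* Reject trailing junk, overflow and values that are not a usable PID. */
        errno = 0;
        long pid = strtol(argv[1], &end, 10);
        if (end == argv[1] || *end != '\0' || errno == ERANGE ||
            pid <= 0 || pid > INT_MAX) {
            printf("PID must be a positive number or 'self'\n");
            return -1;
        }
        snprintf(path_buf, sizeof path_buf, "/proc/%ld/pagemap", pid);
    }

    /* The address is validated too; a typo must not silently become 0. */
    errno = 0;
    unsigned long virt_addr = strtoul(argv[2], &end, 16);
    if (end == argv[2] || *end != '\0' || errno == ERANGE) {
        printf("VIRTUAL_ADDRESS must be a hexadecimal number\n");
        return -1;
    }

    return read_pagemap(path_buf, virt_addr) == 0 ? 0 : -1;
}

/**
 * Read and decode the pagemap entry that covers virt_addr.
 *
 * @param path_buf  path of the pagemap file to read
 * @param virt_addr virtual address to look up
 * @return 0 when an entry was decoded or the file ended before the entry,
 *         -1 when the file cannot be opened, positioned or read.
 */
int read_pagemap(const char *path_buf, unsigned long virt_addr)
{
    unsigned char c_buf[PAGEMAP_ENTRY];
    uint64_t read_val = 0;
    int rc = -1;

    printf("Big endian? %d\n", is_bigendian());

    long sys_page = sysconf(_SC_PAGESIZE);
    if (sys_page <= 0) {
        perror("sysconf(_SC_PAGESIZE)");
        return -1;
    }
    uint64_t page_size = (uint64_t)sys_page;

    FILE *f = fopen(path_buf, "rb");
    if (!f) {
        printf("Error! Cannot open %s\n", path_buf);
        return -1;
    }

    /* One PAGEMAP_ENTRY-byte record per virtual page, indexed by page number. */
    uint64_t file_offset = virt_addr / page_size * PAGEMAP_ENTRY;
    printf("Vaddr: 0x%lx, Page_size: %" PRIu64 ", Entry_size: %d\n",
           virt_addr, page_size, PAGEMAP_ENTRY);
    printf("Reading %s at 0x%llx\n", path_buf, (unsigned long long)file_offset);

    /* fseek() takes a long; refuse offsets it cannot represent. */
    if (file_offset > (uint64_t)LONG_MAX) {
        fprintf(stderr, "Offset does not fit in a long\n");
        goto out;
    }
    if (fseek(f, (long)file_offset, SEEK_SET) != 0) {
        perror("Failed to do fseek!");
        goto out;
    }

    /* Store the bytes most-significant first, whatever the host byte order. */
    for (int i = 0; i < PAGEMAP_ENTRY; i++) {
        int c = getc(f);
        if (c == EOF) {
            if (ferror(f)) {
                perror("Failed to read pagemap entry");
                goto out;
            }
            printf("\nReached end of the file\n");
            rc = 0;
            goto out;
        }
        if (is_bigendian()) {
            c_buf[i] = (unsigned char)c;
        } else {
            c_buf[PAGEMAP_ENTRY - i - 1] = (unsigned char)c;
        }
        printf("[%d]0x%x ", i, c);
    }
    for (int i = 0; i < PAGEMAP_ENTRY; i++) {
        read_val = (read_val << 8) + c_buf[i];
    }
    printf("\n");
    printf("Result: 0x%llx\n", (unsigned long long)read_val);

    if (GET_BIT(read_val, 63)) {
        uint64_t pfn = GET_PFN(read_val);
        printf("PFN: 0x%" PRIx64 " (0x%" PRIx64 ")\n",
               pfn, pfn * page_size + virt_addr % page_size);
        if (pfn == 0) {
            /* Present page with PFN 0: the kernel most likely hid the frame. */
            fprintf(stderr,
                    "PFN reads as 0; the kernel hides PFNs from callers without CAP_SYS_ADMIN\n");
        }
    } else {
        printf("Page not present\n");
    }
    if (GET_BIT(read_val, 62)) {
        printf("Page swapped\n");
    }
    rc = 0;

out:
    /* Single exit so the stream is closed on every path. */
    fclose(f);
    return rc;
}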
2. 通过 mmap /dev/mem 获取物理地址的存储内容(需要 root 权限;在启用 CONFIG_STRICT_DEVMEM 的内核上,/dev/mem 不能用来访问普通系统内存)
参考:https://blog.csdn.net/zhanglei4214/article/details/6653568
3. 获取之后:就有很多好玩的东东啦
a. 比如做crc校验,找出是否有人踩这个内存
b. 比如可以篡改内容,搞挂别人的程序
。。。