您正在以只读模式(
O_RDONLY)打开文件。我建议
O_RDWR改用:
mem_fd = open(mem_file_name, O_RDWR);
但是,从
man proc目前尚不清楚这是否可行:
/proc/[pid]/mem This file can be used to access the pages of a process'smemory
through open(2), read(2), and lseek(2).
编辑:
我也很好奇,所以我
ptrace()直接使用下面的示例:
#include <sys/ptrace.h>#include <unistd.h>#include <stdio.h>#include <stdlib.h>#include <stdint.h>#define SHOW(call) ({ int _ret = (int)(call); printf("%s -> %dn", #call, _ret); if (_ret < 0) { perror(NULL); }})char changeme[] = "This is a test";int main (void){ pid_t pid = fork(); int ret; int i; union { char cdata[8]; int64_t data; } u = { "Hijacked" }; switch (pid) { case 0: sleep(1); printf("Message: %sn", changeme); exit(0); case -1: perror("fork"); exit(1); break; default: SHOW(ptrace(PTRACE_ATTACH, pid, 0, 0)); SHOW(ptrace(PTRACE_POKEDATA, pid, changeme, u.data)); SHOW(ptrace(PTRACE_CONT, pid, 0, 0)); wait(NULL); break; } return 0;}
欢迎分享,转载请注明来源:内存溢出
评论列表(0条)