Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Memory sniffing in linux
Top Forums Programming Memory sniffing in linux Post 302276318 by mosey on Tuesday 13th of January 2009 12:47:39 PM
Old 01-13-2009
PHP Memory sniffing in linux
I am trying to create an application that will be able to sniff memory of other applications.

I am not completely new to systems programming but I am not sure how to go about this task. I understand that accomplishing this mainly require these steps.

1: Get a list of processes
2: Find the process you want to sniff.
3: Get a list of page tables assigned to that process
4: Get R / R/W access to these page tables.
5: Sniff away.

I can do 1&2 just fine, but I have no clue how to accomplish the rest.

I understand that 3 will have to do something with the process control block, and 4 will probably have to do with some system calls with high privileges.

Any advice on doing this would be appreciated, and if there are any books on this subject in particular, that would be great as well.
 

9 More Discussions You Might Find Interesting

1. IP Networking

Sniffing an established port

Hi All, On a solaris box A port B in which port B is established and receiving data. My question is how do i listen on that established port , how can i get the data received at box A: port B through my application I had searched the forum for the same, but i am unable to retrieve the... (5 Replies)
Discussion started by: matrixmadhan
5 Replies

2. Programming

memory layout in C on linux

Hi, Does any one know what tool to use to visualize how is memory layed out for C on linux systems. I mean how much stack portion is used in functional call. Where exactly does the argument to function sit in memory ? I have written small program pasted below. But I am not able to infer... (3 Replies)
Discussion started by: parasa
3 Replies

3. UNIX for Advanced & Expert Users

Memory managment - linux

Hi, I having problem with my linux machine it have 6Gb physical memory and somehow it always almost coming to the bottom neck and than it start writing to the swap memory you can see that there is more than 4G in cahce, is there any way to clean the cache or to limit it to 2Gb? host1... (6 Replies)
Discussion started by: Igal Malka
6 Replies

4. Programming

Pcap.h Sniffing

Can someone please help me figure out how to use pcap.h to sniff packets between only 2 computers whose mac addresses are know? Thanks (0 Replies)
Discussion started by: papabearcares
0 Replies

5. Shell Programming and Scripting

Pcap.h Sniffing

Can someone please help me figure out how to use pcap.h to sniff packets between only 2 computers whose mac addresses are know? Thanks (0 Replies)
Discussion started by: papabearcares
0 Replies

6. Linux

Linux Memory Track

Hi All, We are using the linux servers and need to track the memory utilization of the box. Could anyone advice how the same can be achived. :) (1 Reply)
Discussion started by: haitorajesh
1 Replies

7. What is on Your Mind?

Wired keyboard sniffing

Are we safe using the everyday wired keyboard? Although this concept is old, I had never seen an actual implementation on the matter until a few days ago. (Four ways of sniffing the electromagnetic emanations of wired keyboards currently on the market in up to 20 meters.) Check the videos at:... (2 Replies)
Discussion started by: redoubtable
2 Replies

8. Red Hat

Shared memory in linux

Hello, I am using Linux os. $ df -k /dev/shm Filesystem 1K-blocks Used Available Use% Mounted on tmpfs 2023256 1065000 958256 53% /dev/shm $ Based on my google this, it is shared memory. What is this shared memory and where exactly it is used? Can you... (5 Replies)
Discussion started by: govindts
5 Replies

9. Linux

Underutilization of Linux memory

Hi All, We are running a python application on an RHEL 7 VM machine hosted in Azure. Machine has 8GB of memory & 2GB of swap space configured as swap file. Below the output of free command from the server. #-> free -h total used free shared buff/cache ... (12 Replies)
Discussion started by: veeresh_15
12 Replies

LEARN ABOUT HPUX

setpgid

setpgid(2)							System Calls Manual							setpgid(2)

NAME

       setpgid(), setpgrp2() - set process group ID for job control

SYNOPSIS

DESCRIPTION

       The  and system calls cause the process specified by pid to join an existing process group or create a new process group within the session
       of the calling process.	The process group ID of the process whose process ID is pid is set to pgid.  If pid is zero, the process ID of the
       calling	process is used.  If pgid is zero, the process ID of the indicated process is used.  The process group ID of a session leader does
       not change.

       is provided for backward compatibility only.

   Security Restrictions
       Some or all of the actions associated with this system call are subject to compartmental restrictions.

       See compartments(5) for more information about compartmentalization on systems that support that feature.  Compartmental  restrictions  can
       be  overridden  if  the process possesses the privilege (COMMALLOWED).  Processes owned by the superuser may not have this privilege.  Pro-
       cesses owned by any user may have this privilege, depending on system configuration.

       See privileges(5) for more information about privileged access on systems that support fine-grained privileges.

RETURN VALUE

       and return the following values:

	      Successful completion.
	      Failure.
		     is set to indicate the error.

ERRORS

       If or fails, is set to one of the following values.

	      The value of   pid matches the process ID of a child process of the calling process and the child process has successfully  executed
			     one of the exec(2) functions.

	      The value of   pgid is less than zero or is outside the range of valid process group ID values.

	      The process indicated by
			     pid is a session leader.

	      The value of   pid  is  valid  but matches the process ID of a child process of the calling process, and the child process is not in
			     the same session as the calling process.

	      The value of   pgid does not match the process ID of the process indicated by pid and there is no process with a	process  group	ID
			     that matches the value of pgid in the same session as the calling process.

	      The value of   pid does not match the process ID of the calling process or of a child process of the calling process.

AUTHOR

       and were developed by HP and the University of California, Berkeley.

SEE ALSO

       bsdproc(3C), exec(2), exit(2), fork(2), getpid(2), kill(2), setsid(2), signal(2), privileges(5), termio(7).

STANDARDS CONFORMANCE

																	setpgid(2)
All times are GMT -4. The time now is 02:35 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy