1.读取指定pid和内存地址的字符:
#include <stdlib.h> #include <stdio.h> #include <string.h> #include <sys/ptrace.h> #include <errno.h> #include <dirent.h> int pid = 17919; long int addr = 0x12CBC270; int main(int argc, void **argv) { int ret = 0; char data = 0; printf("start...\n"); ret = ptrace(PTRACE_ATTACH, pid, 0, 0); if(ret == -1) { printf("ptrace fail,exit\n"); return 1; } waitpid(pid, NULL, 0); data = ptrace(PTRACE_PEEKDATA, pid, addr, NULL); printf("addr:%08lX data:%02X\n",addr,data); ptrace(PTRACE_DETACH, pid, NULL, NULL); return 0; }
链接资料: