Android memory dump

时间:2022-01-12 22:17:27

1.读取指定pid和内存地址的字符:

#include <stdlib.h>

#include <stdio.h>

#include <string.h>

#include <sys/ptrace.h>

#include <errno.h>

#include <dirent.h>

int pid = ;

long int addr = 0x12CBC270;

int main(int argc, void **argv)

{

    int ret = ;

    char data = ;

    printf("start...\n");

    ret = ptrace(PTRACE_ATTACH, pid, , );

    if(ret == -)

    {

        printf("ptrace fail,exit\n");

        return ;

    }

    waitpid(pid, NULL, );

    data = ptrace(PTRACE_PEEKDATA, pid, addr, NULL);

    printf("addr:%08lX data:%02X\n",addr,data);

    ptrace(PTRACE_DETACH, pid, NULL, NULL);  

    return ;

}

链接资料:

相关文章