Can you edit address values in “/proc/$pid/mem” to reflect changes in that process?
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
I would like to see if I can edit a value in my program while it is running by directly changing the memory.
My thought process (untested) is to do the following:
- Run the program.
- Open up "System Monitor" app, and "stop" (not end or kill) the program.
- Navigate to
/proc/<ID#>/
chmod
the filemem
to give me read-write access- Edit
mem
with a hex editor - Continue program and see if my changes were reflected.
Is this the right way to go about this?
If not, how would I go about trying to achieve this?
kernel memory proc programming hex
add a comment |
up vote
1
down vote
favorite
I would like to see if I can edit a value in my program while it is running by directly changing the memory.
My thought process (untested) is to do the following:
- Run the program.
- Open up "System Monitor" app, and "stop" (not end or kill) the program.
- Navigate to
/proc/<ID#>/
chmod
the filemem
to give me read-write access- Edit
mem
with a hex editor - Continue program and see if my changes were reflected.
Is this the right way to go about this?
If not, how would I go about trying to achieve this?
kernel memory proc programming hex
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I would like to see if I can edit a value in my program while it is running by directly changing the memory.
My thought process (untested) is to do the following:
- Run the program.
- Open up "System Monitor" app, and "stop" (not end or kill) the program.
- Navigate to
/proc/<ID#>/
chmod
the filemem
to give me read-write access- Edit
mem
with a hex editor - Continue program and see if my changes were reflected.
Is this the right way to go about this?
If not, how would I go about trying to achieve this?
kernel memory proc programming hex
I would like to see if I can edit a value in my program while it is running by directly changing the memory.
My thought process (untested) is to do the following:
- Run the program.
- Open up "System Monitor" app, and "stop" (not end or kill) the program.
- Navigate to
/proc/<ID#>/
chmod
the filemem
to give me read-write access- Edit
mem
with a hex editor - Continue program and see if my changes were reflected.
Is this the right way to go about this?
If not, how would I go about trying to achieve this?
kernel memory proc programming hex
kernel memory proc programming hex
edited Nov 18 at 22:36
asked Nov 18 at 22:28
Akiva
1115
1115
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
1
down vote
According to man 5 proc
:
/proc/[pid]/mem
This file can be used to access the pages of a process's memory through open(2),
read(2), and lseek(2).
That's to say this interface only provides read access. You cannot write or modify this file:
# chmod +w /proc/$pid/mem
chmod: changing permissions of '/proc/2905/mem': Operation not permitted
If you want to modify a running process's memory, one way I can think of is to attach a debugger to the process, and then use it to set variables.
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
According to man 5 proc
:
/proc/[pid]/mem
This file can be used to access the pages of a process's memory through open(2),
read(2), and lseek(2).
That's to say this interface only provides read access. You cannot write or modify this file:
# chmod +w /proc/$pid/mem
chmod: changing permissions of '/proc/2905/mem': Operation not permitted
If you want to modify a running process's memory, one way I can think of is to attach a debugger to the process, and then use it to set variables.
add a comment |
up vote
1
down vote
According to man 5 proc
:
/proc/[pid]/mem
This file can be used to access the pages of a process's memory through open(2),
read(2), and lseek(2).
That's to say this interface only provides read access. You cannot write or modify this file:
# chmod +w /proc/$pid/mem
chmod: changing permissions of '/proc/2905/mem': Operation not permitted
If you want to modify a running process's memory, one way I can think of is to attach a debugger to the process, and then use it to set variables.
add a comment |
up vote
1
down vote
up vote
1
down vote
According to man 5 proc
:
/proc/[pid]/mem
This file can be used to access the pages of a process's memory through open(2),
read(2), and lseek(2).
That's to say this interface only provides read access. You cannot write or modify this file:
# chmod +w /proc/$pid/mem
chmod: changing permissions of '/proc/2905/mem': Operation not permitted
If you want to modify a running process's memory, one way I can think of is to attach a debugger to the process, and then use it to set variables.
According to man 5 proc
:
/proc/[pid]/mem
This file can be used to access the pages of a process's memory through open(2),
read(2), and lseek(2).
That's to say this interface only provides read access. You cannot write or modify this file:
# chmod +w /proc/$pid/mem
chmod: changing permissions of '/proc/2905/mem': Operation not permitted
If you want to modify a running process's memory, one way I can think of is to attach a debugger to the process, and then use it to set variables.
answered Nov 19 at 2:05
muru
35k581154
35k581154
add a comment |
add a comment |
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f482623%2fcan-you-edit-address-values-in-proc-pid-mem-to-reflect-changes-in-that-proce%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown