From: Vincent Le Gallic
Date: Wed, 4 Jan 2017 10:47:36 +0000 (+0100)
Subject: [dumpram] script pour dumper la RAM d'un PID.
X-Git-Url: http://gitweb.pimeys.fr/?p=scripts-20-100.git;a=commitdiff_plain;h=35b417653424722704b8f699ef6ad6b43cbcfa65;hp=2efca57f3ebce434add166be8789ece6c5dade63
[dumpram] script pour dumper la RAM d'un PID. Honteusement pompé sur Internet, il me semble.
---
diff --git a/dumpram.py b/dumpram.py
new file mode 100755
index 0000000..c75e480
--- /dev/null
+++ b/dumpram.py
@@ -0,0 +1,22 @@
+#! /usr/bin/env python
+
+"""Dumps RAM of a process."""
+
+import re
+import sys
+
+PID = sys.argv[1]
+
+maps_file = open("/proc/%s/maps" % PID, 'r')
+mem_file = open("/proc/%s/mem" % PID, 'r', 0)
+
+for line in maps_file.readlines(): # for each mapped region
+ m = re.match(r'([0-9A-Fa-f]+)-([0-9A-Fa-f]+) ([-r])', line)
+ if m.group(3) == 'r': # if this is a readable region
+ start = int(m.group(1), 16)
+ end = int(m.group(2), 16)
+ mem_file.seek(start) # seek to region start
+ chunk = mem_file.read(end - start) # read region contents
+ print chunk, # dump contents to standard output
+maps_file.close()
+mem_file.close()
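Review bot: `print chunk,` does not write the region bytes verbatim, because the Python 2 print statement can insert separator spaces between successive outputs, so the stream on stdout is not a faithful memory image; writing with `sys.stdout.write(chunk)` and opening the mem file as `'rb'` avoids that. The loop also has no error handling: `m` is used without a None check, and a seek or read that fails on a single mapping (some kernel-provided mappings are listed as readable but presumably cannot be read through /proc/PID/mem) aborts the whole dump. Since the output is raw process memory and may contain keys and credentials, the module docstring should say that it is meant to be redirected to a file with restrictive permissions. A possible loop body follows.

```python
mem_file = open("/proc/%s/mem" % PID, 'rb', 0)

for line in maps_file.readlines():
    m = re.match(r'([0-9A-Fa-f]+)-([0-9A-Fa-f]+) ([-r])', line)
    if m is None or m.group(3) != 'r':
        continue  # unparsable line or non-readable region
    start = int(m.group(1), 16)
    end = int(m.group(2), 16)
    try:
        mem_file.seek(start)
        chunk = mem_file.read(end - start)
    except (IOError, OSError, OverflowError, ValueError):
        continue  # listed as readable but not dumpable; skip it
    sys.stdout.write(chunk)  # raw bytes, no separators added
# … unchanged: maps_file.close() / mem_file.close() …
```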