A simple ptrace debugger with process attach capabilities

Let's look at a code example:

#include <stdio.h> #include <string.h> #include <stdlib.h> #include <unistd.h> #include <fcntl.h> #include <errno.h> #include <signal.h> #include <elf.h> #include <sys/types.h> #include <sys/user.h> #include <sys/stat.h> #include <sys/ptrace.h> #include <sys/mman.h> typedef struct handle { Elf64_Ehdr *ehdr; Elf64_Phdr *phdr; Elf64_Shdr *shdr; uint8_t *mem; char *symname; Elf64_Addr symaddr; struct user_regs_struct pt_reg; char *exec; } handle_t; int global_pid; Elf64_Addr lookup_symbol(handle_t *, const char *); char * get_exe_name(int); void sighandler(int); #define EXE_MODE 0 #define PID_MODE 1 int main(int argc, char **argv, char **envp) { int fd, c, mode ...

Get Learning Linux Binary Analysis now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Learning Linux Binary Analysis by Ryan elfmaster O'Neill

A simple ptrace debugger with process attach capabilities

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly