1

I have the following script:

import sys, os

pid = sys.argv[1]
maps_file = open("/proc/%s/maps" % pid, 'r')
mem_file = open("/proc/%s/mem" % pid, 'r')
for line in maps_file.readlines():  # for each mapped region
    m = re.match(r'([0-9A-Fa-f]+)-([0-9A-Fa-f]+) ([-r])', line)
    if m.group(3) == 'r':  # if this is a readable region
        start = int(m.group(1), 16)
        end = int(m.group(2), 16)
        mem_file.seek(start)  # seek to region start
        chunk = mem_file.read(end - start)  # read region contents
        #print chunk,  # dump contents to standard output
        mem_dump = open(pid+".bin", "wb")
        mem_dump.write(str(chunk,))
        mem_dump.close()
maps_file.close()
mem_file.close()

All workds well (dumping the process' memory) so far but I can't save data to file. What am I doing wrong?

Improve this question
2
  • what happens? do you get an error? Commented Apr 17, 2013 at 12:39
  • no error, but no file written at all :-| Commented Apr 17, 2013 at 12:40

1 Answer 1

Reset to default
1

Could it be that the files are getting written to somewhere you don't expect (looks like they will be written to the current directory)?

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Yeah, you are right, I expected to be written in the current directory but they didn't, with full path they are written, thanks!
But still a problem, the file gets written with only a chunk not all data, any idea why? SOLVED: mem_dump = open("/tmp/%s.bin"%pid, "ab")
@xtmtrx You could also keep the file open for the full for loop.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.