ptrwatch

ABOUT:

Ptrwatch is a Linux CLI tool for observing pointer chains in real time.

Generate pointer chains


DEPENDENCIES:

Ptrwatch dynamically links libpwu. Release 0.1.4 or later is required. Visit the page and follow installation instructions.

Ptrwatch also links libncurses. To build ptrwatch, you'll additionally need the ncurses development library. Consult your distro's wiki for details.


INSTALLATION:

Fetch the repo:

$ git clone https://github.com/vykt/ptrwatch

Generate build files:

$ cd ptrwatch && ./buildgen.sh

Build the release:

$ cd build && make watch

Check the install script & install:

$ cd .. && sudo ./install.sh

CONFIGURATION FILE:

To provide ptrwatch with pointer chains you must specify them in a config file. An example config ptrwatch.cfg is included in the root of the repo.

The config file can contain 3 types of lines. Blank lines are allowed:

Comments

Comments begin with a '#' and span the entire line.

config:

# this is a comment

output:

<none>

Titles

Titles begin with a '>' and span the entire line. Titles have a red colour and should be used to provide structure to the output of ptrwatch.

config:

>this is a title

output:

this is a title

Entries

Entries display the value at the end of a pointer chain. An entry takes the following format:

<description>:<type>:<start_backing_file> <offsets>

description is a string displayed beside the value read from the pointer chain.

type can be any of:

  • uint8
  • int8
  • uint16
  • int16
  • uint32
  • int32
  • uint64
  • int64
  • float
  • double
  • string:[len]

Note that the string type takes an additional length parameter [len].

start_backing_file can either be the string representation of the backing file (e.g. 'libc.so.6') or a starting address written in hexadecimal with a '0x' prefix.

offsets are a space-delimited list of offsets. The final offset is dereferenced as type and displayed.

See the provided ptrwatch.cfg for examples.
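
As an added example (not part of ptrwatch or its repo), the Python below lints a config against the three line types described above, so a malformed entry is caught before ptrwatch is attached to a process. It assumes descriptions contain no ':', that string entries are written string:<len>:<start> <offsets>, and that offsets are 0x-prefixed hex; parse_line, lint and SAMPLE are hypothetical names.

```python
import re

# Types the README lists; "string" additionally takes a length.
SCALARS = {"uint8", "int8", "uint16", "int16", "uint32", "int32",
           "uint64", "int64", "float", "double"}
HEX = re.compile(r"0x[0-9a-fA-F]+")

def parse_line(line):
    """Classify one config line; raise ValueError on a malformed entry."""
    text = line.strip()
    if not text or text[0] == "#":
        return ("ignored",)          # blank line or comment
    if text[0] == ">":
        return ("title", text[1:])
    desc, _, rest = text.partition(":")
    vtype, sep, rest = rest.partition(":")
    if not desc or not sep:
        raise ValueError("expected <description>:<type>:<start> <offsets>")
    length = None
    if vtype == "string":
        # Assumption: string entries read string:<len>:<start> <offsets>
        len_text, sep, rest = rest.partition(":")
        if not sep or not len_text.isdigit() or int(len_text) == 0:
            raise ValueError("string needs a positive length")
        length = int(len_text)
    elif vtype not in SCALARS:
        raise ValueError(f"unknown type {vtype!r}")
    start, *offsets = rest.split() or [""]
    # Assumption: offsets are 0x-prefixed hex, like a start address.
    hexish = offsets + ([start] if start.startswith("0x") else [])
    if not offsets or not all(HEX.fullmatch(t) for t in hexish):
        raise ValueError(f"bad start or offsets: {rest.strip()!r}")
    kind = "address" if HEX.fullmatch(start) else "backing_file"
    return ("entry", desc, vtype, length, kind, start,
            [int(t, 16) for t in offsets])

def lint(config_text):
    """Return (line_number, message) for each malformed line."""
    problems = []
    for n, line in enumerate(config_text.splitlines(), 1):
        try:
            parse_line(line)
        except ValueError as err:
            problems.append((n, str(err)))
    return problems

# Constructed sample config (not the repo's ptrwatch.cfg); line 5 is bad.
SAMPLE = ("# demo\n>stats\nhealth:int32:libc.so.6 0x1f0 0x18\n"
          "name:string:16:0x7f0000001000 0x8\nammo:int33:libc.so.6 0x10\n")
```

Calling lint(SAMPLE) reports only line 5, whose type int33 is not in the README's list.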


EXAMPLES:

Watch pointer chains of process example_proc using the default ptrwatch.cfg config:

ptrwatch example_proc

Watch pointer chains of process with PID 1234, using new_config.cfg as the config file:

ptrwatch -c new_config.cfg 1234
