Documentation
¶
Index ¶
- type TracedProgram
- func (p *TracedProgram) Detach() error
- func (p *TracedProgram) FindSymbolInEntry(symbolName string, entry *mapreader.Entry) (uint64, uint64, error)
- func (p *TracedProgram) GetLibBuffer(entry *mapreader.Entry) (*[]byte, error)
- func (p *TracedProgram) JumpToFakeFunc(originAddr uint64, targetAddr uint64) error
- func (p *TracedProgram) Mmap(length uint64, fd uint64) (uint64, error)
- func (p *TracedProgram) MmapSlice(slice []byte) (*mapreader.Entry, error)
- func (p *TracedProgram) Pid() int
- func (p *TracedProgram) Protect() error
- func (p *TracedProgram) PtraceWriteSlice(addr uint64, buffer []byte) error
- func (p *TracedProgram) ReadSlice(addr uint64, size uint64) (*[]byte, error)
- func (p *TracedProgram) Restore() error
- func (p *TracedProgram) Step() error
- func (p *TracedProgram) Syscall(number uint64, args ...uint64) (uint64, error)
- func (p *TracedProgram) Wait() error
- func (p *TracedProgram) WriteSlice(addr uint64, buffer []byte) error
- func (p *TracedProgram) WriteUint64ToAddr(addr uint64, value uint64) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type TracedProgram ¶
TracedProgram is a program traced by ptrace
func (*TracedProgram) Detach ¶
func (p *TracedProgram) Detach() error
Detach detaches from all threads of the processes
func (*TracedProgram) FindSymbolInEntry ¶
func (p *TracedProgram) FindSymbolInEntry(symbolName string, entry *mapreader.Entry) (uint64, uint64, error)
FindSymbolInEntry finds symbol in entry through parsing elf
func (*TracedProgram) GetLibBuffer ¶
func (p *TracedProgram) GetLibBuffer(entry *mapreader.Entry) (*[]byte, error)
GetLibBuffer reads an entry
func (*TracedProgram) JumpToFakeFunc ¶
func (p *TracedProgram) JumpToFakeFunc(originAddr uint64, targetAddr uint64) error
JumpToFakeFunc writes jmp instruction to jump to fake function
func (*TracedProgram) Mmap ¶
func (p *TracedProgram) Mmap(length uint64, fd uint64) (uint64, error)
Mmap runs mmap syscall
func (*TracedProgram) MmapSlice ¶
func (p *TracedProgram) MmapSlice(slice []byte) (*mapreader.Entry, error)
MmapSlice mmaps a slice and return it's addr
func (*TracedProgram) Protect ¶
func (p *TracedProgram) Protect() error
Protect will backup regs and rip into fields
func (*TracedProgram) PtraceWriteSlice ¶
func (p *TracedProgram) PtraceWriteSlice(addr uint64, buffer []byte) error
PtraceWriteSlice uses ptrace rather than process_vm_write to write a buffer into addr
func (*TracedProgram) ReadSlice ¶
func (p *TracedProgram) ReadSlice(addr uint64, size uint64) (*[]byte, error)
ReadSlice reads from addr and return a slice
func (*TracedProgram) Restore ¶
func (p *TracedProgram) Restore() error
Restore will restore regs and rip from fields
func (*TracedProgram) Syscall ¶
func (p *TracedProgram) Syscall(number uint64, args ...uint64) (uint64, error)
Syscall runs a syscall at main thread of process
func (*TracedProgram) Wait ¶
func (p *TracedProgram) Wait() error
Wait waits until the process stops
func (*TracedProgram) WriteSlice ¶
func (p *TracedProgram) WriteSlice(addr uint64, buffer []byte) error
WriteSlice writes a buffer into addr
func (*TracedProgram) WriteUint64ToAddr ¶
func (p *TracedProgram) WriteUint64ToAddr(addr uint64, value uint64) error
WriteUint64ToAddr writes uint64 to addr
Source Files