Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
capture stack memory for process in linux
# This procedure will take capture for a process
cat /proc/[PID]/maps
# find memory address
00622000-0066a000 rw-p 00622000 00:00 0 [heap]
gdb --pid [PID]
(gdb) dump memory /root/[outputfile] 0x00621000 0x00622000
xdd [outputfile] > [outputfile].hex
vimdiff [outputfile]1.hex [outputfile]2.hex
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment