Created
June 16, 2013 09:22
-
-
Save nazarov-yuriy/5791513 to your computer and use it in GitHub Desktop.
Kernel module to read memory.
sudo insmod memdump.ko addr=0xffffffff81dd7000 size=2048 && sudo rmmod memdump.ko && sudo dmesg -c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| obj-m += memdump.o | |
| all: | |
| make -C /lib/modules/$(shell uname -r)/build M=$(PWD) modules | |
| clean: | |
| make -C /lib/modules/$(shell uname -r)/build M=$(PWD) clean |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <linux/module.h> /* Needed by all modules */ | |
| #include <linux/kernel.h> /* Needed for KERN_INFO */ | |
| #include <linux/init.h> /* Needed for the macros */ | |
| static unsigned long int addr = 0xffffffff81dd7000l; | |
| module_param(addr, ulong, S_IRUSR); | |
| MODULE_PARM_DESC(addr, "Start address"); | |
| static long int size = 2048; | |
| module_param(size, long, S_IRUSR); | |
| MODULE_PARM_DESC(size, "Data size in bytes"); | |
| static int __init hello_2_init(void) | |
| { | |
| char buff[50]; | |
| uint64_t i; | |
| printk(KERN_INFO "Start address: %016p\n", addr); | |
| for(i = 0; i < 2048; i++){ | |
| uint32_t tmp = 0; | |
| char *c; | |
| c = (char*)(addr + i); | |
| tmp = *c; | |
| tmp = tmp % 256; | |
| sprintf(&buff[(i%16)*3], "%2x ", tmp); | |
| if(i%16==15){ | |
| printk("%s\n", buff); | |
| } | |
| } | |
| return 0; | |
| } | |
| static void __exit hello_2_exit(void) | |
| { | |
| } | |
| module_init(hello_2_init); | |
| module_exit(hello_2_exit); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment