Hi all, beginner here. I am trying to figure out how to modify a running process on a Linux system using Python.

Example: I have a Python program that takes a PID as an argument. My goal is to use this PID and get info about the running process with that PID:

(1) Find where it is located in memory
(2) Find where the instruction pointer is
(3) Modify the program such that the next executed instruction is something else
(4) Return the pointer back to the next legitimate instruction
(5) Let the original process execute as it should have

I am trying to develop a POC to show how a small piece of code can be injected into a running process to just print 'hello' to stdout and not disturb the rest of the process. Before you tear your hair out: the program I want to "infect" will be an infinite loop with a sleep in it, and the "malware" will be a "print 'infected'" kind of program. Not looking to do anything malicious, just trying to learn.

I looked up trace and some other modules, but they all seem to deal with following the currently executing Python process. Also looked at pyhook, but it's mainly for trapping signals from keyboards etc. Looked at Gray Hat Python - tuned towards Windows.

Can anyone please point me to some modules that might be useful, or some code samples? I tried googling for "python inspect process PID" etc. and did not get anything very useful. I know I can run gdb -a pid from within Python and such, but I am looking for a non-os.popen-ish kind of way. Is there a module that will be helpful?

Let's assume I have sudo/root privileges and that the POC code only needs to work on Linux. Any help is very appreciated. [Also posted on StackOverflow - no real good leads from there.]

Thanks!
--
http://mail.python.org/mailman/listinfo/python-list
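For reference, here is an added example (not from the original poster or any reply in the thread) that does the five steps above with nothing but ctypes and ptrace(2): attach to the PID, read the registers to get rip, look rip up in /proc/<pid>/maps, overwrite the bytes at rip with `syscall; int3` followed by the message, point the registers at write(1, msg, len), let it run until the int3 trap, then put the original bytes and registers back and detach. It assumes x86_64 Linux, a target you are allowed to trace (root, or a child process under Yama ptrace_scope=1), and a target that is sitting in a sleep loop; the message is written to the target's stdout, not the injector's. `parse_maps`, `region_containing`, `read_mem`, `write_mem` and `inject_print` are names chosen here, and `SAMPLE_MAPS` is a constructed maps listing used only to exercise the parser offline.

```python
"""Inject a write(2) of "infected\n" into a running x86_64 Linux process.

Added example for the thread above; assumes x86_64 Linux and permission
to ptrace the target (root, or a child under Yama ptrace_scope=1).
"""
import ctypes
import ctypes.util
import os
import re
import signal
import sys

# ptrace(2) request numbers from <sys/ptrace.h>
PTRACE_PEEKTEXT, PTRACE_POKETEXT = 1, 4
PTRACE_CONT, PTRACE_GETREGS, PTRACE_SETREGS = 7, 12, 13
PTRACE_ATTACH, PTRACE_DETACH = 16, 17


class UserRegs(ctypes.Structure):
    # struct user_regs_struct from <sys/user.h>, x86_64 field order
    _fields_ = [(n, ctypes.c_ulonglong) for n in (
        "r15", "r14", "r13", "r12", "rbp", "rbx", "r11", "r10", "r9", "r8",
        "rax", "rcx", "rdx", "rsi", "rdi", "orig_rax", "rip", "cs", "eflags",
        "rsp", "ss", "fs_base", "gs_base", "ds", "es", "fs", "gs")]


# "address perms offset dev inode [pathname]" as printed by /proc/<pid>/maps
_MAPS_RE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+) (\S{4}) \S+ \S+ \d+\s*(.*)$")

# Constructed sample of /proc/<pid>/maps output, used only for offline testing.
SAMPLE_MAPS = (
    "00400000-00401000 r--p 00000000 08:01 1234      /usr/bin/sleep\n"
    "00401000-00405000 r-xp 00001000 08:01 1234      /usr/bin/sleep\n"
    "7ffff7dd0000-7ffff7df2000 r-xp 00028000 08:01 5678 /usr/lib/libc.so.6\n"
    "7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0          [stack]\n"
)


def parse_maps(text):
    """Step 1: return (start, end, perms, path) for each mapping in maps text."""
    out = []
    for line in text.splitlines():
        m = _MAPS_RE.match(line)
        if m:
            out.append((int(m.group(1), 16), int(m.group(2), 16),
                        m.group(3), m.group(4)))
    return out


def region_containing(regions, addr):
    """Mapping that contains addr (e.g. the tracee's rip), or None."""
    for reg in regions:
        if reg[0] <= addr < reg[1]:
            return reg
    return None


def _ptrace(req, pid, addr=0, data=0):
    """Thin wrapper over libc's ptrace(2) that raises OSError on failure."""
    libc = ctypes.CDLL(ctypes.util.find_library("c") or None, use_errno=True)
    libc.ptrace.restype = ctypes.c_long
    libc.ptrace.argtypes = [ctypes.c_long, ctypes.c_long,
                            ctypes.c_void_p, ctypes.c_void_p]
    ctypes.set_errno(0)
    ret = libc.ptrace(req, pid, addr, data)
    err = ctypes.get_errno()
    if ret == -1 and err:       # PEEKTEXT may legitimately return -1, so check errno
        raise OSError(err, os.strerror(err))
    return ret


def read_mem(pid, addr, n):
    """Read n bytes from the tracee one 8-byte word at a time (PTRACE_PEEKTEXT)."""
    buf = b""
    for off in range(0, n, 8):
        word = _ptrace(PTRACE_PEEKTEXT, pid, addr + off) & 0xFFFFFFFFFFFFFFFF
        buf += word.to_bytes(8, "little")
    return buf[:n]


def write_mem(pid, addr, data):
    """Write data into the tracee; POKETEXT can write even to r-x text pages."""
    # Pad to a whole word with the bytes already there so nothing past data changes.
    data += read_mem(pid, addr + len(data), (-len(data)) % 8)
    for off in range(0, len(data), 8):
        word = int.from_bytes(data[off:off + 8], "little")
        _ptrace(PTRACE_POKETEXT, pid, addr + off, word)


def inject_print(pid, msg=b"infected\n"):
    """Steps 1-5: attach, save state, run write(1, msg, len), restore, detach."""
    _ptrace(PTRACE_ATTACH, pid)
    _, status = os.waitpid(pid, 0)          # tracee is now stopped by SIGSTOP
    assert os.WIFSTOPPED(status)
    saved = UserRegs()
    _ptrace(PTRACE_GETREGS, pid, 0, ctypes.addressof(saved))     # step 2: rip
    with open("/proc/%d/maps" % pid) as f:
        maps = parse_maps(f.read())
    print("rip=%#x in %r" % (saved.rip, region_containing(maps, saved.rip)))

    # Step 3: payload at rip is  syscall ; int3 ; <msg bytes>
    code = b"\x0f\x05\xcc" + msg
    original = read_mem(pid, saved.rip, len(code))
    write_mem(pid, saved.rip, code)
    regs = UserRegs.from_buffer_copy(saved)
    regs.rax = 1                    # __NR_write
    regs.rdi = 1                    # fd: the tracee's own stdout
    regs.rsi = saved.rip + 3        # buf: the message bytes after int3
    regs.rdx = len(msg)             # count
    _ptrace(PTRACE_SETREGS, pid, 0, ctypes.addressof(regs))

    _ptrace(PTRACE_CONT, pid, 0, 0)         # run write(); int3 raises SIGTRAP
    _, status = os.waitpid(pid, 0)
    assert os.WIFSTOPPED(status) and os.WSTOPSIG(status) == signal.SIGTRAP
    _ptrace(PTRACE_GETREGS, pid, 0, ctypes.addressof(regs))
    written = ctypes.c_long(regs.rax).value  # write(2) return value

    # Steps 4-5: restore bytes and registers. rax/orig_rax are put back too,
    # so the kernel's syscall-restart logic resumes the sleep we interrupted.
    write_mem(pid, saved.rip, original)
    _ptrace(PTRACE_SETREGS, pid, 0, ctypes.addressof(saved))
    _ptrace(PTRACE_DETACH, pid, 0, 0)
    return written


if __name__ == "__main__":
    print("write() returned", inject_print(int(sys.argv[1])))
```

Run it as root (or against a child you spawned) with the target's PID: `sudo python3 inject.py $(pgrep -f 'sleep 1000')`. Attaching interrupts the target's nanosleep, which is why the original rax and orig_rax are restored exactly: on resume the kernel sees the interrupted syscall and restarts it, so the loop carries on as if nothing happened. The same word-at-a-time read/write is how gdb does it; if you would rather not hand-roll ptrace, the python-ptrace package wraps these calls, but the above is the whole mechanism.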