def attach(self):
if not self.attached:
self.attached = True
ptrace_attach(self.pid)
if not self.process:
self.process = self.tracer.addProcess(self.pid, True)
self.maps.extend(self.process.readMappings()[0:4])
def attach(self, seize=False):
if self.is_attached:
return
info("Attach process %s" % self.pid)
if not seize: #add by jasper
ptrace_attach(self.pid)
else:
self.is_seized = True
ptrace_seize(self.pid)
self.is_attached = True
def trace(pid):
ptrace_attach(pid)
if wait_status() == -1:
return -1
print "-- start traceing %d ..." %pid
while True:
ptrace_syscall(pid)
if wait_status() == -1:
ptrace_detach(pid)
return -1
regs = ptrace_getregs(pid)
res = SYSCALL_NAMES.get(regs.orig_rax)
if res == "clone" or res == "fork" or res == "vfork" or res == "execve":
limit = resource.getrlimit(resource.RLIMIT_NPROC)
if regs.rax > 0 and regs.rax < limit[1]:
print "create new child: %s" %regs.rax
return 0
def attach(self):
if self.is_attached:
return
info("Attach process %s" % self.pid)
ptrace_attach(self.pid)
self.is_attached = True
def attach(self):
if self.is_attached:
return
info("Attach process %s" % self.pid)
ptrace_attach(self.pid)
self.is_attached = True
def attach(self):
return ptrace_attach(self.pid)
