Useful devices and files
Linux has many files, devices, and /proc
entries that are very helpful for the avid hacker and reverse engineer. Throughout this book, we will be demonstrating the usefulness of many of these files. Here is a description of some of the commonly used ones throughout the book.
/proc/<pid>/maps
/proc/<pid>/maps
file contains the layout of a process image by showing each memory mapping. This includes the executable, shared libraries, stack, heap, VDSO, and more. This file is critical for being able to quickly parse the layout of a process address space and is used more than once throughout this book.
/proc/kcore
The /proc/kcore
is an entry in the proc
filesystem that acts as a dynamic core file of the Linux kernel. That is, it ...
Get Learning Linux Binary Analysis now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.