Getting started with ECFS

At the time of writing this chapter, the complete ECFS project and source code is available at http://github.com/elfmaster/ecfs. Once you have cloned the repository with git, you should compile and install the software as described in the README file.

Currently, ECFS has two modes of use:

Plugging ECFS into the core handler
ECFS snapshots without killing the process

Note

In this chapter, the terms ECFS files, ECFS snapshots, and ECFS core files are used interchangeably.

Plugging ECFS into the core handler

The first thing is to plug the ECFS core handler into the Linux kernel. The make install will accomplish this for you, but it must be done after every reboot or stored in an init script. The manual way of setting up the ECFS ...

Get Learning Linux Binary Analysis now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Learning Linux Binary Analysis by Ryan elfmaster O'Neill

Getting started with ECFS

Note

Plugging ECFS into the core handler

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly