diff options
| author | Jari Vetoniemi <mailroxas@gmail.com> | 2018-10-18 21:37:02 +0300 |
|---|---|---|
| committer | Jari Vetoniemi <mailroxas@gmail.com> | 2018-10-18 21:37:02 +0300 |
| commit | 2efc087cd4f70c07523b82941259a5d2597b4460 (patch) | |
| tree | 46d1ba26e158cc5a04ae857d2976a694732c47a6 /contrib/brute-map.bash | |
| parent | fcadd18b07e55f4a6d21f9f378de9ded25be7e67 (diff) | |
Add some tools
Diffstat (limited to 'contrib/brute-map.bash')
| -rwxr-xr-x | contrib/brute-map.bash | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/contrib/brute-map.bash b/contrib/brute-map.bash new file mode 100755 index 0000000..a7a735c --- /dev/null +++ b/contrib/brute-map.bash @@ -0,0 +1,16 @@ +#!/bin/bash +# usage: ./brute-map.bash pid file [window-size] +# Sometimes region offsets aren't available, but we know that some regions map a file +# Fix the region offsets by bruteforcing the offsets from a known file +while read -r region; do + offset=$(printf '%d' "0x$(awk '{print $3}' <<<"$region")") + if ((offset == 0)); then + offset=$(binsearch <(proc-region-rw "$1" read <<<"$region" 2>/dev/null | bintrim) $3 < "$2") + fi + if ((offset != 0)); then + hex=$(printf '%.8x' "$offset") + awk '{printf "%s %s %s %s %s %s\n", $1, $2, "'"$hex"'", $4, $5, $6, $7}' <<<"$region" + else + printf '%s\n' "$region" + fi +done |