Re: How to make a core dump?

From: Laker Zhu (zhu_lakeryahoo.ca)
Date: Sun Sep 05 2004 - 11:34:01 CDT


The following is for Sun Solaris. For other OSes, such
as Linux or other Unix systems, there must be similar
commands.

# dumpadm
to define the dump device and savecore directory. Make
sure the save core directory has enough space to save
the image of the memory.

# savecore -L
to save a crash dump of the OS into the savecore directory

 --- Alexander Morozov <amorozovpisem.net> wrote:
> Hello everyone,
> recently my friend has found a malicious program
> running on his
> web-server. After some actions I thought it would be
> helpful to make
> its core dump, but I couldn't figure out how to do
> this. The only
> thing that came to mind was attaching to it with
> gdb, stopping
> it and dumping regions of memory manually (using
> memory map in
> /proc/pid/mem). It went fine, I copied all segments
> but it would be much
> better to have standard core dump, to be able to use
> usual programs on
> it later. I remember, that several years ago default
> behaviour of a
> program running under linux was dumping itself on
> SIGSEGV.
> And I wonder, how was this fulfilled, was it
> feature of glibc to catch
> SIGV and write a dump? Or was it made by the kernel?
>
> Alexander Morozov
>
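
The space check the reply asks for before running `savecore -L`, as an added shell example that is not part of the original post. The function names are hypothetical and the sample `dumpadm` output is constructed; it treats full physical memory as a conservative size bound, and also checks the dump device type because savecore(1M) documents that `-L` requires a dedicated dump device.

```shell
#!/bin/sh
# Added example: pre-flight check before `savecore -L` on Solaris.
# Function names are hypothetical; the sample output is constructed.

# Read `dumpadm` output on stdin, print the savecore directory.
savecore_dir() { sed -n 's/^ *Savecore directory: *//p'; }

# Read `dumpadm` output, print the dump device type ("swap" or "dedicated").
dump_device_kind() { sed -n 's/^ *Dump device:.*(\([a-z]*\)) *$/\1/p'; }

# Read `prtconf` output, print physical memory in KB.
mem_kb() { awk '/^Memory size:/ { printf "%.0f\n", $3 * 1024; exit }'; }

# Read `df -k` output, print available KB (tolerates a wrapped device line).
avail_kb() {
    awk 'NR > 1 { line = line " " $0 } END { split(line, f, " "); print f[4] }'
}

# verdict KIND DIR AVAIL_KB NEEDED_KB: return 0 only if the dump can proceed.
verdict() {
    if [ "$1" != "dedicated" ]; then
        echo "STOP: dump device is '$1'; savecore -L needs a dedicated one"
        return 1
    fi
    # Fails closed: an empty or non-numeric value lands in the STOP branch.
    if [ "$3" -ge "$4" ] 2>/dev/null; then
        echo "OK: $2 has $3 KB free for a memory image of up to $4 KB"
    else
        echo "STOP: $2 has '$3' KB free, memory image may need $4 KB"
        return 1
    fi
}

# On a Solaris host: run the real commands and feed them to the parsers.
preflight() {
    cfg=$(dumpadm) || return 2
    dir=$(printf '%s\n' "$cfg" | savecore_dir)
    verdict "$(printf '%s\n' "$cfg" | dump_device_kind)" "$dir" \
        "$(df -k "$dir" | avail_kb)" "$(prtconf | mem_kb)"
}

if command -v dumpadm >/dev/null 2>&1; then
    preflight
else
    # Constructed dumpadm output, so the parsers can be tried off-host.
    sample='       Dump device: /dev/dsk/c0t0d0s1 (swap)
Savecore directory: /var/crash/web01'
    printf '%s\n' "$sample" | savecore_dir
    printf '%s\n' "$sample" | dump_device_kind
fi
```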
