LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices

Reply
 
Search this Thread
Old 11-05-2011, 10:10 AM   #1
southpau1
LQ Newbie
 
Registered: Sep 2011
Posts: 24

Rep: Reputation: Disabled
Read memory?


Hello! I have a need to read my Linux RAM, and specifically, I need to know the memory addresses of everything in memory. What is the easiest way to do this?

I know /dev/mem has the contents of memory, but when I open it it is just jibberish. I also don't know if /dev/mem will include the memory addresses.

Please help!
 
Old 11-05-2011, 11:23 AM   #2
jefro
Guru
 
Registered: Mar 2008
Posts: 11,380

Rep: Reputation: 1395Reputation: 1395Reputation: 1395Reputation: 1395Reputation: 1395Reputation: 1395Reputation: 1395Reputation: 1395Reputation: 1395Reputation: 1395
Kind of a risky thing to try to read all ram. You can't easily freeze a system nor read all ram unless you have magnetic core ram.

What are you trying to do exactly?
 
Old 11-05-2011, 11:28 AM   #3
southpau1
LQ Newbie
 
Registered: Sep 2011
Posts: 24

Original Poster
Rep: Reputation: Disabled
Ok I guess what I am really trying to do it somehow write a specific string to memory, and then determine the address of that string.

For example, I want to write 'hello' to memory, and then determine the memory location..

I'm trying to do this with malloc right now, but have never used it before.
 
Old 11-05-2011, 02:10 PM   #4
jefro
Guru
 
Registered: Mar 2008
Posts: 11,380

Rep: Reputation: 1395Reputation: 1395Reputation: 1395Reputation: 1395Reputation: 1395Reputation: 1395Reputation: 1395Reputation: 1395Reputation: 1395Reputation: 1395
In machine language you could do that easier I'd think. Been a very long time since I did that.

Every bit of the computer for the most part is a memory address. Ram and hard drive chips and hard drive area are simply a memory location.

Might be in your interest to create a virtual hard drive or ramdisk/ramdrive. It is a ram based hard drive that you can write to and read from.

Still don't know why you want this task. You'd have to see that the area is free to begin with, then lock it for your use then write to it. That can be done with a few web pages help. Then a number of ways to read it. Some hex editors can access by ram address. I'm sure other apps can read or display a memory address.
 
Old 11-05-2011, 06:32 PM   #5
southpau1
LQ Newbie
 
Registered: Sep 2011
Posts: 24

Original Poster
Rep: Reputation: Disabled
So its another buffer overflow issue. I need to exploit a buffer overflow and overwrite the RET address of a program with the memory address of some code that I want to execute. So I need to be able to put the code I want to run in memory, and I also need to know its memory address so I can set the RET address to the correct value.
 
Old 11-06-2011, 10:37 AM   #6
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: SlackwareŽ
Posts: 11,141
Blog Entries: 3

Rep: Reputation: 1406Reputation: 1406Reputation: 1406Reputation: 1406Reputation: 1406Reputation: 1406Reputation: 1406Reputation: 1406Reputation: 1406Reputation: 1406
Hi,

Quote:
Originally Posted by southpau1 View Post
So its another buffer overflow issue. I need to exploit a buffer overflow and overwrite the RET address of a program with the memory address of some code that I want to execute. So I need to be able to put the code I want to run in memory, and I also need to know its memory address so I can set the RET address to the correct value.
If I understand your request, I think that you are looking at this issue wrong. When you develop a program the 'calls' when executed will push a return address onto the stack. When the 'ret' is executed then that return address is popped off the stack. If you are debugging then breakpoints can be used within to allow stepping the program through the program. If the program that you are calling supports externals then it should be easy to find the address or modify to suit if Open Source. Other wise you would need to disassemble, which can be a hassle at times. Better if you have the source. If you are not careful the stack will be mangled for that program.

Whenever you compile then link the addressing is allocated. Look at linker then look at Assembler Language wiki section 2.2 Macros for some examples related to ASM. The above links should provide enough to understand procedural aspects.

You could look at things from a high level language perspective. In-line is nothing new. CS in such short time/post is difficult.

HTH!

Last edited by onebuck; 11-07-2011 at 07:31 AM. Reason: typo
 
Old 11-10-2011, 09:52 AM   #7
southpau1
LQ Newbie
 
Registered: Sep 2011
Posts: 24

Original Poster
Rep: Reputation: Disabled
Thanks, I'll keep digging!
 
  


Reply

Tags
memory


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
cant read sd memory card in ubuntu JET-33 Linux - Laptop and Netbook 4 11-27-2010 11:01 PM
why char * is called read only memory [C/C++] Xconsole Programming 7 10-22-2010 08:44 PM
Command to Read Memory Location gopi_phoenix Linux - General 13 01-16-2008 03:13 PM
read memory location of a device gopi_phoenix Linux - General 1 01-10-2008 10:18 AM
memory read tincat2 Linux - Hardware 3 08-24-2002 08:25 AM


All times are GMT -5. The time now is 12:40 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration