pwnlib.util.proc — Working with /proc/

pwnlib.util.proc.ancestors(pid) int list[source]
Parameters

pid (int) – PID of the process.

Returns

List of PIDs of whose parent process is pid or an ancestor of pid.

Example

>>> ancestors(os.getpid()) 
[..., 1]
pwnlib.util.proc.children(ppid) int list[source]
Parameters

pid (int) – PID of the process.

Returns

List of PIDs of whose parent process is pid.

pwnlib.util.proc.cmdline(pid) str list[source]
Parameters

pid (int) – PID of the process.

Returns

A list of the fields in /proc/<pid>/cmdline.

Example

>>> 'py' in ''.join(cmdline(os.getpid()))
True
pwnlib.util.proc.cwd(pid) str[source]
Parameters

pid (int) – PID of the process.

Returns

The path of the process’s current working directory. I.e. what /proc/<pid>/cwd points to.

Example

>>> cwd(os.getpid()) == os.getcwd()
True
pwnlib.util.proc.descendants(pid) dict[source]
Parameters

pid (int) – PID of the process.

Returns

Dictionary mapping the PID of each child of pid to it’s descendants.

Example

>>> d = descendants(os.getppid())
>>> os.getpid() in d.keys()
True
pwnlib.util.proc.exe(pid) str[source]
Parameters

pid (int) – PID of the process.

Returns

The path of the binary of the process. I.e. what /proc/<pid>/exe points to.

Example

>>> exe(os.getpid()) == os.path.realpath(sys.executable)
True
pwnlib.util.proc.memory_maps(pid) list[source]
Parameters

pid (int) – PID of the process.

Returns

A list of the memory mappings in the process.

Example

>>> maps = memory_maps(os.getpid())
>>> [(m.path, m.perms) for m in maps if '[stack]' in m.path]
[('[stack]', 'rw-p')]
pwnlib.util.proc.name(pid) str[source]
Parameters

pid (int) – PID of the process.

Returns

Name of process as listed in /proc/<pid>/status.

Example

>>> p = process('cat')
>>> name(p.pid)
'cat'
pwnlib.util.proc.parent(pid) int[source]
Parameters

pid (int) – PID of the process.

Returns

Parent PID as listed in /proc/<pid>/status under PPid, or 0 if there is not parent.

pwnlib.util.proc.pid_by_name(name) int list[source]
Parameters

name (str) – Name of program.

Returns

List of PIDs matching name sorted by lifetime, youngest to oldest.

Example

>>> os.getpid() in pid_by_name(name(os.getpid()))
True
pwnlib.util.proc.pidof(target) int list[source]

Get PID(s) of target. The returned PID(s) depends on the type of target:

Parameters

target (object) – The target whose PID(s) to find.

Returns

A list of found PIDs.

Example

>>> l = tubes.listen.listen()
>>> p = process(['curl', '-s', 'http://127.0.0.1:%d'%l.lport])
>>> pidof(p) == pidof(l) == pidof(('127.0.0.1', l.lport))
True
pwnlib.util.proc.starttime(pid) float[source]
Parameters

pid (int) – PID of the process.

Returns

The time (in seconds) the process started after system boot

Example

>>> starttime(os.getppid()) <= starttime(os.getpid())
True
pwnlib.util.proc.stat(pid) str list[source]
Parameters

pid (int) – PID of the process.

Returns

A list of the values in /proc/<pid>/stat, with the exception that ( and ) has been removed from around the process name.

Example

>>> stat(os.getpid())[2]
'R'
pwnlib.util.proc.state(pid) str[source]
Parameters

pid (int) – PID of the process.

Returns

State of the process as listed in /proc/<pid>/status. See proc(5) for details.

Example

>>> state(os.getpid())
'R (running)'
pwnlib.util.proc.status(pid) dict[source]

Get the status of a process.

Parameters

pid (int) – PID of the process.

Returns

The contents of /proc/<pid>/status as a dictionary.

pwnlib.util.proc.tracer(pid) int[source]
Parameters

pid (int) – PID of the process.

Returns

PID of the process tracing pid, or None if no pid is not being traced.

Example

>>> tracer(os.getpid()) is None
True
pwnlib.util.proc.wait_for_debugger(pid, debugger_pid=None) None[source]

Sleeps until the process with PID pid is being traced. If debugger_pid is set and debugger exits, raises an error.

Parameters

pid (int) – PID of the process.

Returns

None