pwnlib.util.proc — Working with /proc/

pwnlib.util.proc.ancestors(pid) → int list

Parameters:pid (int) – PID of the process. Returns:List of PIDs of whose parent process is pid or an ancestor of pid.

Example

>>> ancestors(os.getpid()) # doctest: +ELLIPSIS
[..., 1]

pwnlib.util.proc.children(ppid) → int list

Parameters:pid (int) – PID of the process. Returns:List of PIDs of whose parent process is pid.

pwnlib.util.proc.cmdline(pid) → str list

Parameters:pid (int) – PID of the process. Returns:A list of the fields in /proc/<pid>/cmdline.

Example

>>> 'py' in ''.join(cmdline(os.getpid()))
True

pwnlib.util.proc.cwd(pid) → str

Parameters:pid (int) – PID of the process. Returns:The path of the process’s current working directory. I.e. what /proc/<pid>/cwd points to.

Example

>>> cwd(os.getpid()) == os.getcwd()
True

pwnlib.util.proc.descendants(pid) → dict

Parameters:pid (int) – PID of the process. Returns:Dictionary mapping the PID of each child of pid to it’s descendants.

Example

>>> d = descendants(os.getppid())
>>> os.getpid() in d.keys()
True

pwnlib.util.proc.exe(pid) → str

Parameters:pid (int) – PID of the process. Returns:The path of the binary of the process. I.e. what /proc/<pid>/exe points to.

Example

>>> exe(os.getpid()) == os.path.realpath(sys.executable)
True

pwnlib.util.proc.name(pid) → str

Parameters:pid (int) – PID of the process. Returns:Name of process as listed in /proc/<pid>/status.

Example

>>> p = process('cat')
>>> name(p.pid)
'cat'

pwnlib.util.proc.parent(pid) → int

Parameters:pid (int) – PID of the process. Returns:Parent PID as listed in /proc/<pid>/status under PPid, or 0 if there is not parent.

pwnlib.util.proc.pid_by_name(name) → int list

Parameters:name (str) – Name of program. Returns:List of PIDs matching name sorted by lifetime, youngest to oldest.

Example

>>> os.getpid() in pid_by_name(name(os.getpid()))
True

pwnlib.util.proc.pidof(target) → int list

Get PID(s) of target. The returned PID(s) depends on the type of target:

• str: PIDs of all processes with a name matching target.
• pwnlib.tubes.process.process: singleton list of the PID of target.
• pwnlib.tubes.sock.sock: singleton list of the PID at the remote end of target if it is running on the host. Otherwise an empty list.

Parameters:target (object) – The target whose PID(s) to find. Returns:A list of found PIDs.

Example

>>> l = tubes.listen.listen()
>>> p = process(['curl', '-s', 'http://127.0.0.1:%d'%l.lport])
>>> pidof(p) == pidof(l) == pidof(('127.0.0.1', l.lport))
True

pwnlib.util.proc.starttime(pid) → float

Parameters:pid (int) – PID of the process. Returns:The time (in seconds) the process started after system boot

Example

>>> starttime(os.getppid()) <= starttime(os.getpid())
True

pwnlib.util.proc.stat(pid) → str list

Parameters:pid (int) – PID of the process. Returns:A list of the values in /proc/<pid>/stat, with the exception that ( and ) has been removed from around the process name.

Example

>>> stat(os.getpid())[2]
'R'

pwnlib.util.proc.state(pid) → str

Parameters:pid (int) – PID of the process. Returns:State of the process as listed in /proc/<pid>/status. See proc(5) for details.

Example

>>> state(os.getpid())
'R (running)'

pwnlib.util.proc.status(pid) → dict

Get the status of a process.

Parameters:pid (int) – PID of the process. Returns:The contents of /proc/<pid>/status as a dictionary.

pwnlib.util.proc.tracer(pid) → int

Parameters:pid (int) – PID of the process. Returns:PID of the process tracing pid, or None if no pid is not being traced.

Example

>>> tracer(os.getpid()) is None
True

pwnlib.util.proc.wait_for_debugger(pid, debugger_pid=None) → None

Sleeps until the process with PID pid is being traced. If debugger_pid is set and debugger exits, raises an error.

Parameters:pid (int) – PID of the process. Returns:None