pwnlib.util.proc — Working with /proc/

pwnlib.util.proc.ancestors(pid) → int list[source]
Parameters:pid (int) – PID of the process.
Returns:List of PIDs of whose parent process is pid or an ancestor of pid.

Example

>>> ancestors(os.getpid()) # doctest: +ELLIPSIS
[..., 1]
pwnlib.util.proc.children(ppid) → int list[source]
Parameters:pid (int) – PID of the process.
Returns:List of PIDs of whose parent process is pid.
pwnlib.util.proc.cmdline(pid) → str list[source]
Parameters:pid (int) – PID of the process.
Returns:A list of the fields in /proc/<pid>/cmdline.

Example

>>> 'py' in ''.join(cmdline(os.getpid()))
True
pwnlib.util.proc.cwd(pid) → str[source]
Parameters:pid (int) – PID of the process.
Returns:The path of the process’s current working directory. I.e. what /proc/<pid>/cwd points to.

Example

>>> cwd(os.getpid()) == os.getcwd()
True
pwnlib.util.proc.descendants(pid) → dict[source]
Parameters:pid (int) – PID of the process.
Returns:Dictionary mapping the PID of each child of pid to it’s descendants.

Example

>>> d = descendants(os.getppid())
>>> os.getpid() in d.keys()
True
pwnlib.util.proc.exe(pid) → str[source]
Parameters:pid (int) – PID of the process.
Returns:The path of the binary of the process. I.e. what /proc/<pid>/exe points to.

Example

>>> exe(os.getpid()) == os.path.realpath(sys.executable)
True
pwnlib.util.proc.name(pid) → str[source]
Parameters:pid (int) – PID of the process.
Returns:Name of process as listed in /proc/<pid>/status.

Example

>>> p = process('cat')
>>> name(p.pid)
'cat'
pwnlib.util.proc.parent(pid) → int[source]
Parameters:pid (int) – PID of the process.
Returns:Parent PID as listed in /proc/<pid>/status under PPid, or 0 if there is not parent.
pwnlib.util.proc.pid_by_name(name) → int list[source]
Parameters:name (str) – Name of program.
Returns:List of PIDs matching name sorted by lifetime, youngest to oldest.

Example

>>> os.getpid() in pid_by_name(name(os.getpid()))
True
pwnlib.util.proc.pidof(target) → int list[source]

Get PID(s) of target. The returned PID(s) depends on the type of target:

Parameters:target (object) – The target whose PID(s) to find.
Returns:A list of found PIDs.

Example

>>> l = tubes.listen.listen()
>>> p = process(['curl', '-s', 'http://127.0.0.1:%d'%l.lport])
>>> pidof(p) == pidof(l) == pidof(('127.0.0.1', l.lport))
True
pwnlib.util.proc.starttime(pid) → float[source]
Parameters:pid (int) – PID of the process.
Returns:The time (in seconds) the process started after system boot

Example

>>> starttime(os.getppid()) < starttime(os.getpid())
True
pwnlib.util.proc.stat(pid) → str list[source]
Parameters:pid (int) – PID of the process.
Returns:A list of the values in /proc/<pid>/stat, with the exception that ( and ) has been removed from around the process name.

Example

>>> stat(os.getpid())[2]
'R'
pwnlib.util.proc.state(pid) → str[source]
Parameters:pid (int) – PID of the process.
Returns:State of the process as listed in /proc/<pid>/status. See proc(5) for details.

Example

>>> state(os.getpid())
'R (running)'
pwnlib.util.proc.status(pid) → dict[source]

Get the status of a process.

Parameters:pid (int) – PID of the process.
Returns:The contents of /proc/<pid>/status as a dictionary.
pwnlib.util.proc.tracer(pid) → int[source]
Parameters:pid (int) – PID of the process.
Returns:PID of the process tracing pid, or None if no pid is not being traced.

Example

>>> tracer(os.getpid()) is None
True
pwnlib.util.proc.wait_for_debugger(pid, debugger_pid=None) → None[source]

Sleeps until the process with PID pid is being traced. If debugger_pid is set and debugger exits, raises an error.

Parameters:pid (int) – PID of the process.
Returns:None