[panda-users] process names

sergej sergej at msgpeek.net
Thu Aug 16 18:04:51 EDT 2018


Hi Manolis,

that was it -.-
I was wrongly assuming the offsets were right, because the syscall2-plugin
was functioning correctly.

Thanks!
Sergej

On 8/11/18 12:21 AM, Manolis Stamatogiannakis wrote:
> Did you make any changes to your VMs? Garbage instead of process names
> sounds like the kernel offsets you are using do not work for your kernel.
>
> M.
>
> On Fri, 10 Aug 2018 at 1:33 AM, sergej <sergej at msgpeek.net>
> wrote:
>
>> Hi all,
>>
>> my intermediate goal is to output the name of the currently executed
>> process. The ultimate goal would be to filter my analysis by process
>> names, but that's secondary for this problem.
>>
>> What I do in a nutshell:
>>
>> - On asidChange: OsiProc *cp = get_current_process(cpu)
>>
>> - get the process string std::string(cp->name)
>>
>> This approach worked <=1 year ago, when I originally wrote my plugin.
>> With the current panda-version the output is pretty much garbage. I
>> wrote an example plugin to demonstrate the issue, there's also an
>> example output in the example-section:
>>
>> https://github.com/msgpeek/panda-filter-process/blob/master/README.md
>>
>> Does anybody have an idea what I am doing wrong?
>>
>> Cheers,
>> Sergej
>>
>>
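
A sanity check for the symptom diagnosed in this thread, as an added example that is not part of the original messages or of PANDA's own code: it flags the kernel offsets as suspect when most observed process names are implausible. It assumes a Linux guest, where a name fits the kernel's 16-byte `comm` buffer; `plausible_comm`, `OffsetSanity` and the thresholds are hypothetical.

```cpp
#include <cstddef>
#include <cstdio>
#include <string>

// Linux task_struct.comm holds at most 15 characters plus a NUL terminator.
constexpr std::size_t kMaxCommChars = 15;

// Hypothetical helper: true if a name (e.g. std::string(cp->name)) looks like
// a real process name: non-empty, at most 15 chars, printable ASCII only.
// Heuristic: rare non-ASCII names are tolerated by the threshold below.
bool plausible_comm(const std::string &name) {
    if (name.empty() || name.size() > kMaxCommChars) return false;
    for (unsigned char c : name)
        if (c < 0x20 || c > 0x7e) return false;
    return true;
}

// Hypothetical tracker: feed it every name seen (e.g. on each ASID change).
struct OffsetSanity {
    unsigned seen = 0, bad = 0;
    static constexpr unsigned kMinSamples = 8;  // assumed warm-up count

    void observe(const std::string &name) {
        ++seen;
        if (!plausible_comm(name)) ++bad;
    }
    // Offsets are suspect once more than half of the samples are garbage.
    bool offsets_suspect() const {
        return seen >= kMinSamples && bad * 2 > seen;
    }
};

int main() {
    // Constructed samples: what a matching and a mismatched profile might give.
    const char *good[] = {"systemd", "sshd", "bash", "kworker/0:1",
                          "cron", "init", "udevd", "ls"};
    const char *junk[] = {"\x01\x02", "", "\xff\xfe\x7f", "\x10",
                          "ok", "\x80", "\x03\x04", "\x1b"};
    OffsetSanity a, b;
    for (const char *n : good) a.observe(n);
    for (const char *n : junk) b.observe(n);
    std::printf("good profile suspect=%d, bad profile suspect=%d\n",
                a.offsets_suspect(), b.offsets_suspect());
    return 0;
}
```

Running such a check early in a replay turns silent garbage into an explicit warning before any per-process filtering is applied to the analysis.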

