Re: How to make a core dump?

From: Alexander Morozov (zmoro_at_mail.ru)
Date: 09/05/04

  • Next message: Jan Adriaenssens: "Re: redhat patch problem?"
    Date: Sun, 5 Sep 2004 22:19:21 +0400
    To: focus-linux@securityfocus.com
    
    

    Thanks everybody for answering,
    so the simliest way found is to use gdb command "gcore". It dumps
    core by copying memory and making all nessesary headers
    itself, not relying on kernel ability to dump core.

    By the way, the malcious program was injected through a poorly written
    php-script and, as i guess from data obtained using gdb memory-dumping
    functions, was cracking DES-encrypted passwords, provided by
    attacker's server.

    With best regards, A. Morozov.


  • Next message: Jan Adriaenssens: "Re: redhat patch problem?"

    Relevant Pages