代码拉取完成,页面将自动刷新
Most functionality in the Memory Process File System is made available in a easy-to-use convenient Rust API for the use by developers. The Rust API is a wrapper around the native C/C++ API with some extras.
The MemProcFS Rust API is published as the memprocfs crate at crates.io - which makes it very easy to include in your memory analysis projects!
Check out the API documentation at docs.rs.
Check out the example project and the example MemProcFS plugin.
// Initialize MemProcFS on Linux targeting a live Windows system
// by reading memory using a PCILeech PCIe FPGA hardware device.
// After initialization list all processes.
let mut args = ["-printf", "-device", "fpga"].to_vec();
let vmm = Vmm::new("/home/user/memprocfs/vmm.so", &args)?
if let Ok(process_all) = vmm.process_list() {
for process in &*process_all {
println!("{} : {}", process.pid, process.info()?.name);
}
}
// Initialize MemProcFS on Windows - analyzing a memory dump file.
// Also trigger the forensic mode and scan for VMs.
// List all processes in the virtual file system directory /name/.
let mut args = ["-printf", "-forensic", "1", "-vm",
"-device", "C:\\dumps\\memory.dmp"].to_vec();
let vmm = Vmm::new("C:\\MemProcFS\\vmm.dll", &args)?
if let Ok(vfs_all) = vmm.vfs_list("/name/") {
println!("Number of files/directories: {}.", vfs_all.len());
for vfs in &*vfs_all {
println!("{vfs}");
}
}
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
