KingNeil
March 7th, 2013, 12:58 PM
Hi, I read the following tutorial on how to access the contents of RAM in Linux....
http://www.rootninja.com/using-dd-to-search-for-strings-in-memory-or-devices/
dd if=/dev/mem | hexdump -C | grep “string to search for”
So, I run the code...
sudo dd if=/dev/mem | hexdump -C > NAMEOFOUTPUTFILEHERE.txt
And... it starts pumping out HEX code, until a few seconds later, where it says:
dd: reading `/dev/mem': Operation not permitted
2056+0 records in
2056+0 records out
1052672 bytes (1.1 MB) copied, 0.44834 s, 2.3 MB/s
So basically.. I am able to get about 3.3 MB of RAM dump contents-- until the program stops, saying "Operation not permitted"
.... And so... I am wondering... why am I not able to dump the entire contents of RAM? Is this a deliberate limitation in Ubuntu, to stop malicious hackers..? Or, is it something else..? Does anybody know..? Thanks
http://www.rootninja.com/using-dd-to-search-for-strings-in-memory-or-devices/
dd if=/dev/mem | hexdump -C | grep “string to search for”
So, I run the code...
sudo dd if=/dev/mem | hexdump -C > NAMEOFOUTPUTFILEHERE.txt
And... it starts pumping out HEX code, until a few seconds later, where it says:
dd: reading `/dev/mem': Operation not permitted
2056+0 records in
2056+0 records out
1052672 bytes (1.1 MB) copied, 0.44834 s, 2.3 MB/s
So basically.. I am able to get about 3.3 MB of RAM dump contents-- until the program stops, saying "Operation not permitted"
.... And so... I am wondering... why am I not able to dump the entire contents of RAM? Is this a deliberate limitation in Ubuntu, to stop malicious hackers..? Or, is it something else..? Does anybody know..? Thanks