During this period, I used Volatility for memory analysis work. Since I was doing it on CentOS, I needed to create a CentOS profile. I checked Volatility's official website and other forums, but there was no direct solution. In the end, I tried various methods to find a solution.
1. First, install the dwarfdump tool. The CentOS repositories generally do not carry it, so you need to download it yourself.
First install:
yum install elfutils-devel
Then get the dwarfdump source:
wget 'http://www.prevanders.net/libdwarf-20140413.tar.gz'
Unpack the archive and enter the folder:
./configure
make
Then enter the dwarfdump folder:
make install
dwarfdump is now installed.
2. g++ may not be installed on CentOS.
To install g++:
yum install gcc-c++
3. Find the linux folder under the tools folder in the volatility folder.
In the volatile/volatility/tools/linux/ directory:
make
A dwarfdump-format file, module.dwarf, will be generated.
4. Package the System.map from the /boot folder together with the module.dwarf generated in step 3 to create the profile:
zip CentOs6.6.zip module.dwarf /boot/System.map-….
The System.map file will vary depending on the kernel.
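Because the System.map has to match the kernel of the machine whose memory is analysed, it is worth checking the finished zip before using it. The following is an added example, not part of the original post or of Volatility: it assumes the profile needs exactly one member ending in .dwarf and one whose name contains System.map, and the kernel release string and file contents are constructed placeholders.

```python
import io
import re
import zipfile

# System.map line: hex address, one-letter symbol type, symbol name
SYMBOL_LINE = re.compile(r"^[0-9a-fA-F]{8,16} \S \S+$")

def check_profile(zip_bytes, kernel_release):
    """Return a list of problems found in a profile zip (empty list = looks usable)."""
    problems = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        names = zf.namelist()
        # Assumed convention: one *.dwarf member and one System.map member
        dwarf = [n for n in names if n.lower().endswith(".dwarf")]
        maps = [n for n in names if "system.map" in n.lower()]
        if len(dwarf) != 1:
            problems.append("expected one .dwarf member, found %d" % len(dwarf))
        elif zf.getinfo(dwarf[0]).file_size == 0:
            problems.append("%s is empty" % dwarf[0])
        if len(maps) != 1:
            problems.append("expected one System.map member, found %d" % len(maps))
            return problems
        # zip stores /boot/System.map-X as boot/System.map-X; compare the suffix
        suffix = maps[0].rsplit("System.map-", 1)[-1]
        if suffix != kernel_release:
            problems.append("System.map is for %r, image runs %r" % (suffix, kernel_release))
        lines = zf.read(maps[0]).decode("ascii", "replace").splitlines()
        bad = [l for l in lines if not SYMBOL_LINE.match(l)]
        if not lines or bad:
            problems.append("System.map is empty or has %d malformed lines" % len(bad))
    return problems

def build_sample(map_name, dwarf_body=b".debug_info\n"):
    """Constructed sample profile, built in memory for the demonstration."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("module.dwarf", dwarf_body)
        zf.writestr(map_name, "ffffffff81000000 T _text\nffffffff8100b000 T system_call\n")
    return buf.getvalue()

if __name__ == "__main__":
    release = "2.6.32-000.el6.x86_64"  # constructed placeholder, not a real kernel build
    print(check_profile(build_sample("boot/System.map-" + release), release))
    print(check_profile(build_sample("boot/System.map-other"), release))
```

For a real profile, pass the bytes of the zip file and the output of uname -r from the system the memory image was taken from.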