Example related — Recovering typical deleted file in GNU/Linux

$which glxgears
/usr/bin/glxgears
$rm /usr/bin/glxgears 
rm: remove write-protected regular file ‘/usr/bin/glxgears’? y
rm: cannot remove ‘/usr/bin/glxgears’: Permission denied
$sudo rm /usr/bin/glxgears 
[sudo] password for jeffrin: 
$ps aux | grep glxgears
jeffrin   2469  4.4  0.6 157656 20888 pts/0    Sl+  22:43   0:07 glxgears
jeffrin   2515  0.0  0.0  12656  1560 pts/1    S+   22:46   0:00 grep glxgears
$sudo cat /proc/246
2466/ 2467/ 2469/ 
$sudo cat /proc/2469/exe > /usr/bin/glxgears
bash: /usr/bin/glxgears: Permission denied
$sudo cat /proc/2469/exe > /usr/bin/glxgears
bash: /usr/bin/glxgears: Permission denied
$su
Password: 
root>cat /proc/2469/exe > /usr/bin/glxgears
root>exit
$/usr/bin/glx
glxdemo   glxheads  glxinfo   
$ls -l /usr/bin/glxgears 
-rw-r--r-- 1 root root 23088 May 13 22:47 /usr/bin/glxgears
$ls -l /usr/bin/gl
glib-compile-resources  glib-genmarshal         glib-mkenums            glxdemo                 glxheads
glib-compile-schemas    glib-gettextize         glilypond               glxgears                glxinfo
$ls -l /usr/bin/glxdemo 
-rwxr-xr-x 1 root root 10376 Jul  8  2014 /usr/bin/glxdemo
$ls -l /usr/bin/glxgears 
-rw-r--r-- 1 root root 23088 May 13 22:47 /usr/bin/glxgears
$sudo chmod +x /usr/bin/glxgears 
$ls -l /usr/bin/glxgears 
-rwxr-xr-x 1 root root 23088 May 13 22:47 /usr/bin/glxgears
$/usr/bin/glxgears 
Running synchronized to the vertical refresh.  The framerate should be
approximately the same as the monitor refresh rate.
379 frames in 5.0 seconds = 75.789 FPS
XIO:  fatal IO error 11 (Resource temporarily unavailable) on X server ":0"
      after 1627 requests (1627 known processed) with 0 events remaining.
$

Example for – Trace all system calls which involve process management

$strace  -e trace=process  python dig.py 
execve("/usr/bin/python", ["python", "dig.py"], [/* 39 vars */]) = 0
arch_prctl(ARCH_SET_FS, 0x7feb563b4700) = 0
I think lscpu command is using proc filesystem to get data.
/* /sys paths */
#define _PATH_SYS_SYSTEM        "/sys/devices/system"
#define _PATH_SYS_CPU           _PATH_SYS_SYSTEM "/cpu"
#define _PATH_SYS_NODE          _PATH_SYS_SYSTEM "/node"
#define _PATH_PROC_XEN          "/proc/xen"
#define _PATH_PROC_XENCAP       _PATH_PROC_XEN "/capabilities"
#define _PATH_PROC_CPUINFO      "/proc/cpuinfo"
#define _PATH_PROC_PCIDEVS      "/proc/bus/pci/devices"
#define _PATH_PROC_SYSINFO      "/proc/sysinfo"
#define _PATH_PROC_STATUS       "/proc/self/status"
#define _PATH_PROC_VZ   "/proc/vz"
#define _PATH_PROC_BC   "/proc/bc"
#define _PATH_PROC_DEVICETREE   "/proc/device-tree"
#define _PATH_DEV_MEM           "/dev/mem"

Number of commands found is :  0
exit_group(0)                           = ?
+++ exited with 0 +++
$man strace
$man strace
$

Hacking with a JavaScript Program

var drawCats = function (howManyTimes) {
  for (var i = 0; i < howManyTimes; i++) {
    console.log(i + " =^.^=);
  }
};
drawCats(11);
VM455:4 Uncaught SyntaxError: Unexpected token ILLEGALmessage: "Unexpected token ILLEGAL"stack: (...)get stack: function () { [native code] }arguments: nullcaller: nulllength: 0name: ""prototype: StackTraceGetter__proto__: function Empty() {}set stack: function () { [native code] }arguments: nullcaller: nulllength: 1name: ""prototype: StackTraceSetter__proto__: function Empty() {}__proto__: Errorconstructor: function SyntaxError() { [native code] }name: "SyntaxError"stack: (...)get stack: function () { [native code] }set stack: function () { [native code] }__proto__: d
var drawCats = function (howManyTimes) {
  for (var i = 0; i < howManyTimes; i++) {
    console.log(i + " =^.^= ");
  }
};
drawCats(11);
VM504:4 0 =^.^= 
VM504:4 1 =^.^= 
VM504:4 2 =^.^= 
VM504:4 3 =^.^= 
VM504:4 4 =^.^= 
VM504:4 5 =^.^= 
VM504:4 6 =^.^= 
VM504:4 7 =^.^= 
VM504:4 8 =^.^= 
VM504:4 9 =^.^= 
VM504:4 10 =^.^= 
undefined
Hacking with strace to find about write calls in a program

$strace -e write python dig.py 
write(1, "\33[31mI think lscpu command is us"..., 69I think lscpu command is using proc filesystem to get data.
) = 69
write(1, "\33[31m/* /sys paths */\33[0m\n", 26/* /sys paths */
) = 26
write(1, "\33[31m#define _PATH_SYS_SYSTEM   "..., 63#define _PATH_SYS_SYSTEM        "/sys/devices/system"
) = 63
write(1, "\33[31m#define _PATH_SYS_CPU      "..., 65#define _PATH_SYS_CPU           _PATH_SYS_SYSTEM "/cpu"
) = 65
write(1, "\33[31m#define _PATH_SYS_NODE     "..., 66#define _PATH_SYS_NODE          _PATH_SYS_SYSTEM "/node"
) = 66
write(1, "\33[31m#define _PATH_PROC_XEN     "..., 53#define _PATH_PROC_XEN          "/proc/xen"
) = 53
write(1, "\33[31m#define _PATH_PROC_XENCAP  "..., 72#define _PATH_PROC_XENCAP       _PATH_PROC_XEN "/capabilities"
) = 72
write(1, "\33[31m#define _PATH_PROC_CPUINFO "..., 57#define _PATH_PROC_CPUINFO      "/proc/cpuinfo"
) = 57
write(1, "\33[31m#define _PATH_PROC_PCIDEVS "..., 65#define _PATH_PROC_PCIDEVS      "/proc/bus/pci/devices"
) = 65
write(1, "\33[31m#define _PATH_PROC_SYSINFO "..., 57#define _PATH_PROC_SYSINFO      "/proc/sysinfo"
) = 57
write(1, "\33[31m#define _PATH_PROC_STATUS  "..., 61#define _PATH_PROC_STATUS       "/proc/self/status"
) = 61
write(1, "\33[31m#define _PATH_PROC_VZ   \"/p"..., 44#define _PATH_PROC_VZ   "/proc/vz"
) = 44
write(1, "\33[31m#define _PATH_PROC_BC   \"/p"..., 44#define _PATH_PROC_BC   "/proc/bc"
) = 44
write(1, "\33[31m#define _PATH_PROC_DEVICETR"..., 61#define _PATH_PROC_DEVICETREE   "/proc/device-tree"
) = 61
write(1, "\33[31m#define _PATH_DEV_MEM      "..., 52#define _PATH_DEV_MEM           "/dev/mem"
) = 52
write(1, "\33[31m\33[0m\n", 10
)         = 10
write(1, "Number of commands found is :  0"..., 33Number of commands found is :  0
) = 33
+++ exited with 0 +++
$

Internal of lscpu command

I think lscpu command is using proc filesystem to get data.
/* /sys paths */
#define _PATH_SYS_SYSTEM        "/sys/devices/system"
#define _PATH_SYS_CPU           _PATH_SYS_SYSTEM "/cpu"
#define _PATH_SYS_NODE          _PATH_SYS_SYSTEM "/node"
#define _PATH_PROC_XEN          "/proc/xen"
#define _PATH_PROC_XENCAP       _PATH_PROC_XEN "/capabilities"
#define _PATH_PROC_CPUINFO      "/proc/cpuinfo"
#define _PATH_PROC_PCIDEVS      "/proc/bus/pci/devices"
#define _PATH_PROC_SYSINFO      "/proc/sysinfo"
#define _PATH_PROC_STATUS       "/proc/self/status"
#define _PATH_PROC_VZ   "/proc/vz"
#define _PATH_PROC_BC   "/proc/bc"
#define _PATH_PROC_DEVICETREE   "/proc/device-tree"
#define _PATH_DEV_MEM           "/dev/mem"

Hacking with python system basics

$python
Python 2.7.9 (default, Mar  1 2015, 12:57:24) 
[GCC 4.9.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import sys, os
>>> len(dir(sys))
69
>>> len(dir(os))
235
>>> len(dir(os.oath))
Traceback (most recent call last):
  File "", line 1, in 
AttributeError: 'module' object has no attribute 'oath'
>>> len(dir(os.path))
53
>>> dir(os)
['EX_CANTCREAT', 'EX_CONFIG', 'EX_DATAERR', 'EX_IOERR', 'EX_NOHOST', 'EX_NOINPUT', 'EX_NOPERM', 'EX_NOUSER', 'EX_OK', 'EX_OSERR', 'EX_OSFILE', 'EX_PROTOCOL', 'EX_SOFTWARE', 'EX_TEMPFAIL', 'EX_UNAVAILABLE', 'EX_USAGE', 'F_OK', 'NGROUPS_MAX', 'O_APPEND', 'O_ASYNC', 'O_CREAT', 'O_DIRECT', 'O_DIRECTORY', 'O_DSYNC', 'O_EXCL', 'O_LARGEFILE', 'O_NDELAY', 'O_NOATIME', 'O_NOCTTY', 'O_NOFOLLOW', 'O_NONBLOCK', 'O_RDONLY', 'O_RDWR', 'O_RSYNC', 'O_SYNC', 'O_TRUNC', 'O_WRONLY', 'P_NOWAIT', 'P_NOWAITO', 'P_WAIT', 'R_OK', 'SEEK_CUR', 'SEEK_END', 'SEEK_SET', 'ST_APPEND', 'ST_MANDLOCK', 'ST_NOATIME', 'ST_NODEV', 'ST_NODIRATIME', 'ST_NOEXEC', 'ST_NOSUID', 'ST_RDONLY', 'ST_RELATIME', 'ST_SYNCHRONOUS', 'ST_WRITE', 'TMP_MAX', 'UserDict', 'WCONTINUED', 'WCOREDUMP', 'WEXITSTATUS', 'WIFCONTINUED', 'WIFEXITED', 'WIFSIGNALED', 'WIFSTOPPED', 'WNOHANG', 'WSTOPSIG', 'WTERMSIG', 'WUNTRACED', 'W_OK', 'X_OK', '_Environ', '__all__', '__builtins__', '__doc__', '__file__', '__name__', '__package__', '_copy_reg', '_execvpe', '_exists', '_exit', '_get_exports_list', '_make_stat_result', '_make_statvfs_result', '_pickle_stat_result', '_pickle_statvfs_result', '_spawnvef', 'abort', 'access', 'altsep', 'chdir', 'chmod', 'chown', 'chroot', 'close', 'closerange', 'confstr', 'confstr_names', 'ctermid', 'curdir', 'defpath', 'devnull', 'dup', 'dup2', 'environ', 'errno', 'error', 'execl', 'execle', 'execlp', 'execlpe', 'execv', 'execve', 'execvp', 'execvpe', 'extsep', 'fchdir', 'fchmod', 'fchown', 'fdatasync', 'fdopen', 'fork', 'forkpty', 'fpathconf', 'fstat', 'fstatvfs', 'fsync', 'ftruncate', 'getcwd', 'getcwdu', 'getegid', 'getenv', 'geteuid', 'getgid', 'getgroups', 'getloadavg', 'getlogin', 'getpgid', 'getpgrp', 'getpid', 'getppid', 'getresgid', 'getresuid', 'getsid', 'getuid', 'initgroups', 'isatty', 'kill', 'killpg', 'lchown', 'linesep', 'link', 'listdir', 'lseek', 'lstat', 'major', 'makedev', 'makedirs', 'minor', 'mkdir', 'mkfifo', 'mknod', 'name', 'nice', 'open', 'openpty', 'pardir', 'path', 'pathconf', 'pathconf_names', 'pathsep', 'pipe', 'popen', 'popen2', 'popen3', 'popen4', 'putenv', 'read', 'readlink', 'remove', 'removedirs', 'rename', 'renames', 'rmdir', 'sep', 'setegid', 'seteuid', 'setgid', 'setgroups', 'setpgid', 'setpgrp', 'setregid', 'setresgid', 'setresuid', 'setreuid', 'setsid', 'setuid', 'spawnl', 'spawnle', 'spawnlp', 'spawnlpe', 'spawnv', 'spawnve', 'spawnvp', 'spawnvpe', 'stat', 'stat_float_times', 'stat_result', 'statvfs', 'statvfs_result', 'strerror', 'symlink', 'sys', 'sysconf', 'sysconf_names', 'system', 'tcgetpgrp', 'tcsetpgrp', 'tempnam', 'times', 'tmpfile', 'tmpnam', 'ttyname', 'umask', 'uname', 'unlink', 'unsetenv', 'urandom', 'utime', 'wait', 'wait3', 'wait4', 'waitpid', 'walk', 'write']
>>> 




Copyright © 2009,  2010,  2011,  2012,  2013, 2014, 2015     BeautifulWork Project    e-mail:  ahiliation@yahoo.co.in
BeautifulWork Project comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law.