@pancake@j3s suppose restricting it to the data segment wouldn't be too hard. Not enough experience on the exploit side of things to know if proc makes it easy to do. Cat through awk maybe? Cat is unbuffered, right? I know you can set grep to be.
@Netux@j3s the only way to use procpidmen is via mmap so cat wont work. And yes its possible and desirable to define boundaries when searching on raw memory. Actually the maps file describes the heap, etc so you can use e search.in=io.maps.rw and that would reduce the search to the writable maps. Which is where the user data is stored and avoid scanning the code ir readonly segments
@Netux @j3s the only way to use procpidmen is via mmap so cat wont work. And yes its possible and desirable to define boundaries when searching on raw memory. Actually the maps file describes the heap, etc so you can use e search.in=io.maps.rw and that would reduce the search to the writable maps. Which is where the user data is stored and avoid scanning the code ir readonly segments