On Thu, 11 Sep 2008 02:31:23 -0700 (PDT), ruqiang826 wrote:
I have written a service running backgroud to do something in linux.
unfortunately�$B!$�(BI deleted the source code by mistake, and I can still
see the process running background using "ps aux" :
username 13820 0.0 0.0 60368 2964 ? S Aug20 0:33
python ./UpdateJobStatus.py
I wonder if there is some way to dump the programme
"UpdateJobStatus.py" and get the source code back?
The best way to do it would be to undelete the file,
just as Gerhard suggested.
If you remember any line (or piece) of code from the UpdateJobStatus.py
file you can try to dump the /dev/mem to the hard disk, and then grep
through it (remember that you need root priviledges to access /dev/mem).
I tried it with this code:
http://www.mail-archive.com/li******.../msg03696.html
with a small modification of this line:
nvram = (strtol(argv[1], 0, 0)) << 16;
changed to:
nvram = (strtol(argv[1], 0, 0));
After compilation I just did:
../a.out 0x0 0xffffffff memdump
to get the memory dump.
I am not a memory expert, but 0xffffffff should be enough
for <= 4GB of RAM. If you got more, increase it.
And to make it clear: I do not recommend this way of sorting
things out :)
--
Regards,
Wojtek Walczak,
http://tosh.pl/gminick/ 
