1N/A * whatexec.d - Examine the type of files exec'd. 1N/A * Written using DTrace (Solaris 10 3/05) 1N/A * This prints the first four chacacters of files that are executed. 1N/A * This traces the kernel function findexec_by_hdr(), which checks for 1N/A * a known magic number in the file's header. 1N/A * The idea came from a demo I heard about from the UK, where a 1N/A * "blue screen of death" was displayed for "MZ" files (although I 1N/A * haven't seen the script or the demo). 1N/A * $Id: whatexec.d 3 2007-08-01 10:50:08Z brendan $ 1N/A * USAGE: whatexec.d (early release, check for updates) 1N/A * PEXEC parent command name 1N/A * EXEC pathname to file exec'd 1N/A * OK is type runnable, Y/N 1N/A * TYPE first four characters from file 1N/A * COPYRIGHT: Copyright (c) 2006 Brendan Gregg. 1N/A * The contents of this file are subject to the terms of the 1N/A * Common Development and Distribution License, Version 1.0 only 1N/A * (the "License"). You may not use this file except in compliance 1N/A * See the License for the specific language governing permissions 1N/A * and limitations under the License. 1N/A * 11-Feb-2006 Brendan Gregg Created this. 1N/A * 25-Apr-2006 " " Last update. 1N/A printf(
"%-16s %-38s %2s %s\n",
"PEXEC",
"EXEC",
"OK",
"TYPE");