Reading values
With Proctal you can read the contents in memory straight from your
terminal. The read command is able to read text,
integers, IEEE754 floating point numbers, CPU instructions and more.
The command accepts type options. You can find out all about them
here.
Here's how you would read a 32-bit integer that is located at memory
address 7FFE79DEA90C of a program whose PID is 12345.
$ proctal read --pid=12345 --address=7FFE79DEA90C --type=integer --integer-bits=32
128
This will output the integer value in ASCII.
You can pass the --pause option to keep the program
paused while reading.
Reading arrays
But what if you had an array of 32-bit integers in memory? One
way to read all the elements would be to execute the
read command at the corresponding address of
each element. But a better way is to take advantage of the
--array option. It takes the number of
elements as its value.
Here's how you would read an array of 5 32-bit integers.
$ proctal read --pid=12345 --address=7FFE79DEA90C --type=integer --integer-bits=32 --array=5
128
214
-2
100000
-1996472313
Showing address
The command also accepts the --show-address
option. This makes it print the address of the value. But
you might be wondering how that could be useful when you
already have to specify the address in the command. This can be
useful when you're printing an array of instructions and you're
interested in seeing their addresses.
Here's what that would look like:
$ proctal read --pid=12345 --address=400570 --type=x86 --array=5 --show-address
400570 sub rsp, 0x18
400574 mov dword ptr [rsp + 0xc], 0
40057C call 0x400530
400581 mov edi, 0x400764
400586 mov esi, eax
Showing bytes in memory
The --show-bytes option will additionally print
a sequence of numbers in hexadecimal that represent the bytes
of the value in memory, from the smallest address to the
largest.
The following example builds upon the example with
--show-address to additionally show the machine code bytes
of the instructions.
$ proctal read --pid=12345 --address=400570 --type=x86 --array=5 --show-address --show-bytes
400570 sub rsp, 0x18
48 83 EC 18
400574 mov dword ptr [rsp + 0xc], 0
C7 44 24 0C 00 00 00 00
40057C call 0x400530
E8 AF FF FF FF
400581 mov edi, 0x400764
BF 64 07 40 00
400586 mov esi, eax
89 C6
This example lets you see what integers look like in memory:
$ proctal read --pid=12345 --address=98F213B6 --type=integer --integer-bits=32 --array=4 --show-bytes
12
0C 00 00 00
-81
AF FF FF FF
-96
A0 FF FF FF
2147483647
FF FF FF 7F
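The byte lines in both examples can be checked mechanically. The following Python script is an added example, not part of Proctal or its documentation: it parses the sample output shown above (embedded as constants), decodes each integer's bytes as little-endian two's complement, confirms that each instruction's address plus its encoded length reaches the next address, and recomputes the call target from its E8 rel32 encoding. The function names are hypothetical.

```python
import struct

# Sample output copied from the two --show-bytes examples on this page.
INTEGERS = """12
0C 00 00 00
-81
AF FF FF FF
-96
A0 FF FF FF
2147483647
FF FF FF 7F"""
INSTRUCTIONS = """400570 sub rsp, 0x18
48 83 EC 18
400574 mov dword ptr [rsp + 0xc], 0
C7 44 24 0C 00 00 00 00
40057C call 0x400530
E8 AF FF FF FF
400581 mov edi, 0x400764
BF 64 07 40 00
400586 mov esi, eax
89 C6"""

def parse_pairs(text):
    """Pair each value line with the byte line printed beneath it."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if len(lines) % 2:
        raise ValueError("expected alternating value and byte lines")
    return [(lines[i], bytes.fromhex(lines[i + 1])) for i in range(0, len(lines), 2)]

def check_integers(text):
    """Decode bytes as little-endian signed 32-bit; fail on any mismatch."""
    values = []
    for shown, raw in parse_pairs(text):
        (value,) = struct.unpack("<i", raw)  # struct.error if not exactly 4 bytes
        if value != int(shown):
            raise ValueError(f"{raw.hex()} decodes to {value}, output shows {shown}")
        values.append(value)
    return values

def check_listing(text):
    """Verify address + encoded length reaches the next address; resolve E8 calls."""
    rows = [(int(s.split()[0], 16), raw) for s, raw in parse_pairs(text)]
    for (addr, raw), (next_addr, _) in zip(rows, rows[1:]):
        if addr + len(raw) != next_addr:
            raise ValueError(f"gap or overlap after {addr:X}")
    # E8 is a near call: target = address of next instruction + signed rel32.
    return {addr: addr + len(raw) + struct.unpack("<i", raw[1:5])[0]
            for addr, raw in rows if raw[0] == 0xE8 and len(raw) == 5}

if __name__ == "__main__":
    print(check_integers(INTEGERS))
    print({f"{a:X}": f"{t:X}" for a, t in check_listing(INSTRUCTIONS).items()})
```

The call's operand bytes AF FF FF FF are the same bytes shown for -81 in the integer example, which is why the call at 40057C resolves to 400530.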
Printing in binary
The --binary option makes the command print the
values in binary.
When using this option, the --show-address and
--show-bytes options have no effect.