memrepl

memrepl is a Frida-based tool that helps a researcher with the task of exploiting memory corruption bugs.

The idea is that the researcher can run database-like queries to learn the contents and layout of the memory of a program. To perform these queries, memrepl exposes the global functions listed below:

  • memory_list: list the memory segments currently mapped in the target process.
  • memory_search: search memory for a given value.
  • memory_read: read from a memory address.
  • memory_write: write to a memory address.
  • memory_search_pointer: scan for pointers starting at a given address.
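The queries above, as an added example that is not memrepl's own code: a small Python model of the same five operations over a constructed memory image (a code page, a heap page holding one object, a stack page holding one frame), so that the semantics of each query can be exercised without attaching to a process. In particular it shows how memory_search_pointer separates words that land in a mapped segment from integers and filler, and how memory_search over the little-endian encoding of an address finds the slots that reference an object. The class, its signatures, the segment layout and every address below are assumptions made for the example.

```python
# Added example (not memrepl's code): a model of the five README queries over
# a constructed memory image instead of a live Frida session. Names follow the
# README; signatures, layout and addresses are assumptions for the example.
import struct
from dataclasses import dataclass


@dataclass
class Segment:
    """One mapped range: base, protection string like 'rw-', and contents."""
    base: int
    prot: str
    data: bytearray
    name: str = ""

    @property
    def end(self) -> int:
        return self.base + len(self.data)

    def contains(self, address: int) -> bool:
        return self.base <= address < self.end


class MemoryImage:
    """Memory of a (simulated) 64-bit little-endian process."""

    POINTER = struct.Struct("<Q")

    def __init__(self, segments):
        self.segments = sorted(segments, key=lambda s: s.base)

    def memory_list(self):
        """Current memory segments as (base, end, protection, name)."""
        return [(s.base, s.end, s.prot, s.name) for s in self.segments]

    def _segment_of(self, address: int):
        return next((s for s in self.segments if s.contains(address)), None)

    def _mapped_span(self, address: int, size: int) -> Segment:
        s = self._segment_of(address)
        if s is None or address + size > s.end:
            raise ValueError(f"{address:#x}+{size:#x} is not fully mapped")
        return s

    def memory_read(self, address: int, size: int) -> bytes:
        s = self._mapped_span(address, size)
        off = address - s.base
        return bytes(s.data[off:off + size])

    def memory_write(self, address: int, data: bytes) -> int:
        # A live target faults on writes to non-writable pages unless the
        # protection is changed first, so the model refuses them as well.
        s = self._mapped_span(address, len(data))
        if "w" not in s.prot:
            raise PermissionError(f"{address:#x} is in a {s.prot} segment")
        off = address - s.base
        s.data[off:off + len(data)] = data
        return len(data)

    def memory_search(self, value: bytes, prot: str = ""):
        """Addresses of every occurrence of value; prot ('rw', 'x', ...)
        restricts the scan to segments carrying all of those flags."""
        hits = []
        for s in self.segments:
            if any(flag not in s.prot for flag in prot):
                continue
            start = 0
            while (i := s.data.find(value, start)) != -1:
                hits.append(s.base + i)
                start = i + 1
        return hits

    def memory_search_pointer(self, address: int, size: int):
        """Scan pointer-aligned words from address and keep the ones whose
        value lands in a mapped segment. Returns (slot, target, segment)."""
        data = self.memory_read(address, size)
        found = []
        for off in range(0, len(data) - self.POINTER.size + 1, self.POINTER.size):
            (word,) = self.POINTER.unpack_from(data, off)
            target = self._segment_of(word)
            if target is not None:
                found.append((address + off, word, target.name))
        return found


# Constructed layout (assumed addresses): code page, heap page with one object,
# stack page with a return address and a saved pointer to that object.
TEXT_BASE, HEAP_BASE, STACK_BASE = 0x7F3A12340000, 0x55A1CD000000, 0x7FFD3B7E0000
OBJ = HEAP_BASE + 0x40  # the object we pretend to be corrupting


def build_image() -> MemoryImage:
    text, heap, stack = bytearray(0x1000), bytearray(0x100), bytearray(0x100)
    struct.pack_into("<QQQQ", heap, 0x40,
                     TEXT_BASE + 0x200,    # vtable pointer, inside libfoo.so
                     0x10,                 # length: small int, not a pointer
                     HEAP_BASE + 0x80,     # data pointer, inside the heap
                     0x4141414141414141)   # filler: unmapped, so not a pointer
    heap[0x80:0x8D] = b"secret-token\0"
    struct.pack_into("<QQ", stack, 0x30, TEXT_BASE + 0x3C0, OBJ)
    return MemoryImage([Segment(TEXT_BASE, "r-x", text, "libfoo.so"),
                        Segment(HEAP_BASE, "rw-", heap, "heap"),
                        Segment(STACK_BASE, "rw-", stack, "stack")])


def pointers_in_object():
    return build_image().memory_search_pointer(OBJ, 32)


def references_to_object():
    """Which writable slots hold a pointer to OBJ? Search its encoding."""
    return build_image().memory_search(MemoryImage.POINTER.pack(OBJ), prot="rw")


def overwrite_vtable() -> str:
    img = build_image()
    img.memory_write(OBJ, MemoryImage.POINTER.pack(HEAP_BASE + 0x80))
    return img.memory_search_pointer(OBJ, 8)[0][2]


def write_to_code_fails() -> bool:
    try:
        build_image().memory_write(TEXT_BASE, b"\xcc")
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    img = build_image()
    for base, end, prot, name in img.memory_list():
        print(f"{base:#014x}-{end:#014x} {prot} {name}")
    for slot, target, seg in pointers_in_object():
        print(f"{slot:#x} -> {target:#x} ({seg})")
    print("referenced from:", [hex(a) for a in references_to_object()])
```

Running the file prints the segment map, the two real pointers inside the object (the vtable slot and the data pointer, not the length or the 0x41 filler) and the stack slot that references the object. On a live target the same questions are answered through Frida (Process.enumerateRanges, Memory.scan and the NativePointer read/write helpers), and, as in the model, a write to a non-writable page only succeeds after its protection has been changed.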

Installation

# Install `pip` if not installed.
$ easy_install pip

# Install `virtualenv` if not installed.
$ pip install virtualenv

# Create a virtual python environment.
$ virtualenv venv_memrepl

# Activate the environment (POSIX system).
$ source ./venv_memrepl/bin/activate

# Install `memrepl` into the virtual environment.
$ git clone https://github.com/agustingianni/memrepl.git
$ cd memrepl
$ python setup.py install

Usage

Run memrepl with -h to see the available options:

$ memrepl -h
usage: memrepl [-h] [-V] (-p PROC_PID | -n PROC_NAME | -l) [-d DEVICE]
               [-m MOD_NAMES]

Memory Grip.

optional arguments:
  -h, --help     show this help message and exit
  -V, --version  show program's version number and exit
  -p PROC_PID    Process PID.
  -n PROC_NAME   Process name (follows unix wildcard patterns).
  -l             Display running processes.
  -d DEVICE      Select a device by ID. Specify `list` to get a list of
                 available devices.
  -m MOD_NAMES   Specify zero or more modules that need to be loaded in the
                 target process.