Posts Tagged ‘disassemble’
Starting to write Immunity Debugger PyCommands : my cheatsheet
Author: Peter Van Eeckhoutte
Add this post to Your Favorite Posts
When I started Win32 exploit development many years ago, my preferred debugger at the time was WinDbg (and some Olly). While Windbg is a great and fast debugger, I quickly figured out that some additional/external tools were required to improve my exploit development experience. Despite the fact that the command line oriented approach in windbg has many advantages, it appeared not the best tool to search for good jump addresses, or to list non-safeseh compiled / non-aslr aware modules, etc…. Ok, looking for a simple “jmp esp” is trivial, but what if you are looking for all pop pop ret combinations in non-safeseh compiled modules… Not an easy task. It is perfectly possible to build plugins for Windbg, but the ones that I have found (MSEC, byakugan (Metasploit)) don’t always work the way I want them …
Posted in 001_Security, Development, Exploit Writing Tutorials, Scripts | 
Tags: api, assemble, cheatsheet, debugger, disassemble, immlib, immunity, immunity debugger, module, plugin, pycommand, python, readmemory, script | 
5 Comments »