aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthew Rinaldi2020-10-13 07:41:25 -0400
committerGitHub2020-10-13 07:41:25 -0400
commit6dd16eb2fb1ebf7412f994622c95e446b99bf3dc (patch)
tree2b77e1722a2def61fdfbc483a5580317dff0a936
parent9ac0173ad744673fc29b3c96a1abaf0189c5156f (diff)
downloadgef-dev.tar.gz
gef-dev.zip
Add vmmap functionality (#574)dev
This was created to help identify which section an arbitrary address belongs to. This should help exploit developers quickly find which section a leak/random address belongs to
-rw-r--r--docs/commands/vmmap.md7
-rw-r--r--gef.py18
2 files changed, 20 insertions, 5 deletions
diff --git a/docs/commands/vmmap.md b/docs/commands/vmmap.md
index 248d840..e037075 100644
--- a/docs/commands/vmmap.md
+++ b/docs/commands/vmmap.md
@@ -1,6 +1,6 @@
## Command vmmap ##
-`vmmap` displays the entire memory space mapping.
+`vmmap` displays the target process's entire memory space mapping.
![vmmap-example](https://i.imgur.com/iau8SwS.png)
@@ -10,6 +10,9 @@ the main reasons I started `GEF` in a first place). For example, you can learn
that ELF running on SPARC architectures always have their `.data` and `heap`
sections set as Read/Write/Execute.
-`vmmap` accepts one argument, a pattern to grep interesting results:
+`vmmap` accepts one argument, either a pattern to match again mapping names,
+or an address to determine which section it belongs to.
![vmmap-grep](http://i.imgur.com/ZFF4QVf.png)
+
+![vmmap-address](https://i.imgur.com/hfcs1jH.png)
diff --git a/gef.py b/gef.py
index 9352d8c..accad96 100644
--- a/gef.py
+++ b/gef.py
@@ -8690,10 +8690,15 @@ class VMMapCommand(GenericCommand):
gef_print(Color.colorify("{:<{w}s}{:<{w}s}{:<{w}s}{:<4s} {:s}".format(*headers, w=get_memory_alignment()*2+3), color))
for entry in vmmap:
- if argv and not argv[0] in entry.path:
+ if not argv:
+ self.print_entry(entry)
continue
-
- self.print_entry(entry)
+ if argv[0] in entry.path:
+ self.print_entry(entry)
+ elif self.is_integer(argv[0]):
+ addr = int(argv[0],0)
+ if addr >= entry.page_start and addr < entry.page_end:
+ self.print_entry(entry)
return
def print_entry(self, entry):
@@ -8732,6 +8737,13 @@ class VMMapCommand(GenericCommand):
))
return
+ def is_integer(self, n):
+ try:
+ int(n,0)
+ except ValueError:
+ return False
+ return True
+
@register_command
class XFilesCommand(GenericCommand):