x64dbg / mona Goto Github PK

This project forked from corelan/mona

Fork of mona.py with x64dbg support

License: BSD 3-Clause "New" or "Revised" License

Python 100.00%

mona's Introduction

==== mona

Fork of Corelan’s mona.py for x64dbg. mona is a Windows exploit development swiss army knife. It supports ROP techniques, SEH, cyclic patterns, etc.

To see all commands and usage details, run mona with the help command.

Installation instructions

x64dbg

First, get x64dbgpy for x64dbg Python support. You can grab a release here. Drop the contents of the plugins directory into your x64dbg plugins folder.

Then, put mona.py into the plugins/x64dbgpy folder. You will also need the pykd.py and x64dbgpylib.py files from https://github.com/x64dbg/x64dbgpylib. Finally, put the clean_mona.py script in x64dbgpy/x64dbgpy/autorun.

Now, run mona commands at the x64dbg Python command line with mona.mona(“command”).

Immunity Debugger

Simply drop mona.py into the 'PyCommands' folder (inside the Immunity Debugger application folder).

WinDBG

See https://github.com/corelan/windbglib

Some Supported Commands

modules — Show all loaded modules and their properties (ASLR, Rebase, DEP, etc.)
heap — Show heap related information
seh — Find pointers to assist with SEH overwrite exploits
jmp — Find pointers that will allow you to jump to a register
rop — Finds gadgets that can be used in a ROP exploit and do ROP magic with them
jop — Finds gadgets that can be used in a JOP exploit
pattern_offset — Find location of 4 bytes in a cyclic pattern

mona's People

Contributors

Stargazers

Watchers

Forkers

exploitcollection demonsec666 0xbc makakin snollyg0st3r zenhumany explife0011 metacom27 d3vs3cb3ast classicvalues tmacgit jhu-tmac sfoerster thekjango shangguan-chenxi imurd

mona's Issues

Put a proper description on the repo

See http://reddit.com/r/ReverseEngineering/comments/7grc5w/initial_mona_support_for_x64dbg/dqlq919

😀

IOErrors after running a command

I've installed mona.py as per instructions, but had to build x64dbgpy from sources (because snapshot artifacts are not available, see x64dbg/x64dbgpy#35).
Now after every command with mona I get an IOError, e.g

import mona
mona.mona('modules')

===>

[+] Command used:
!mona modules

---------- Mona command started on 2019-07-19 09:04:28 (v2.0, rev 577) ----------
[+] Processing arguments and criteria
    - Pointer access level : X
[+] Generating module info table, hang on...
    - Processing modules
    - Done. Let's rock 'n roll.
-----------------------------------------------------------------------------------------------------------------------------------------
 Module info :
-----------------------------------------------------------------------------------------------------------------------------------------
<SNIP>
<b>********************************************************************************</b>
<b>Traceback (most recent call last):</b>
<b>  File "C:\Users\ngo\Desktop\x64dbg\release\x32\plugins\x64dbgpy\mona.py", line 18391, in main</b>
<b>    commands[command].parseProc(opts)</b>
<b>  File "C:\Users\ngo\Desktop\x64dbg\release\x32\plugins\x64dbgpy\mona.py", line 11450, in procShowMODULES</b>
<b>    showModuleTable("",modulestosearch)</b>
<b>  File "C:\Users\ngo\Desktop\x64dbg\release\x32\plugins\x64dbgpy\mona.py", line 5825, in showModuleTable</b>
<b>    dbg.log(tline)</b>
<b>  File "C:\Users\ngo\Desktop\x64dbg\release\x32\plugins\x64dbgpy\x64dbgpylib.py", line 862, in log</b>
<b>    pykd.dprintln(self.toAsciiOnly(message), showdml)</b>
<b>  File "C:\Users\ngo\Desktop\x64dbg\release\x32\plugins\x64dbgpy\pykd.py", line 197, in dprintln</b>
<b>    print str</b>
<b>  File "C:\Users\ngo\Desktop\x64dbg\release\x32\plugins\x64dbgpy\x64dbgpy\hooks.py", line 44, in write</b>
<b>    self.__original_stream.write(text)</b>
<b>IOError: [Errno 9] Bad file descriptor</b>
<b></b>
<b>********************************************************************************</b>

Not sure that it is relevant, but

I've retargeted x64dbgpy build into VS2019 on Win10.
I also used swig 4.0.0, which dropped the -ouputtuple (see x64dbg/x64dbgpy#36), so I had to delete this option from swig/setup.py

State of support for mona commands

Cross-referencing issue in x64dbgpylib: x64dbg/x64dbgpylib#5

there are nothing happend when I input '''mona.mona(“modules”)'''

Installation problem

Execuse me, I follow your installation instructions for x64dbg, but it doesn't work. I have some questions about it, I put 'x64dbgpy_x86.lib' and 'x64dbgpy.h' into 'x32dbg\plugins', I don't know if it's right.
(My installation environment is Win XP SP3+x32dbg)

Transfer to x64dbg organization

@mrexodia if you feel it's appropriate, you can transfer this repo to the x64dbg org. I think it belongs better there.