Memory¶
Memory¶
-
class
revenge.memory.
Memory
(engine)[source]¶ Bases:
object
Class to simplify getting and writing things to memory.
Examples
# Read a signed 8-bit int from address memory[0x12345].int8 # Returns MemoryBytes object for memory memory[0x12345:0x12666] # Write int directly to memory memory[0x12345] = types.Int8(12) # Write string directly to memory memory[0x12345] = types.StringUTF8("hello!")
-
alloc
(size)[source]¶ Allocate size bytes of memory and get a MemoryBytes object back to use it.
- Parameters
size (int) – How many bytes to allocate.
- Returns
Object for the new memory location.
- Return type
-
alloc_string
(s, encoding='latin-1')[source]¶ Short-hand to run alloc of appropriate size, then write in the string.
- Parameters
s (bytes, str) – String to allocate
encoding (str, optional) – How to encode the string if passed in as type str.
-
alloc_struct
(struct)[source]¶ Short-hand to alloc appropriate space for the struct and write it in.
- Parameters
struct (revenge.types.Struct) – The struct to write into memory.
- Returns
The original struct, but now bound to the new memory location.
- Return type
-
describe_address
(address, color=False)[source]¶ Takes in address and attempts to return a better description of what’s there.
- Parameters
address (int) – What address to describe
color (bool, optional) – Should the description be colored? (default: False)
- Returns
description of the address
- Return type
str
-
property
maps
¶ Return a list of memory ranges that are currently allocated.
-
MemoryBytes¶
-
class
revenge.memory.
MemoryBytes
(engine, address, address_stop=None)[source]¶ Bases:
object
Abstracting what memory location is.
- Parameters
engine (revenge.engines.Engine) – The engine this is tied to.
address (int) – Starting address of the memory location.
address_stop (int, optional) – Optional stopping memory location.
Examples
# Trace specifically the function "win" win = process.memory['a.out:win'] trace = process.techniques.NativeInstructionTracer(exec=True) # This will populate the trace win("input", techniques=trace) print(trace)
-
property
argument_types
¶ Returns the registered arguments types for this function or None if none have been found/registered.
- Type
tuple
-
property
breakpoint
¶ Does this address have an active breakpoint?
- Type
bool
-
property
bytes
¶ Return this as raw bytes.
- Type
bytes
-
cast
(cast_to)[source]¶ Returns this memory cast to whatever type you give it.
Examples
ptr = memory.cast(types.Pointer) struct = types.Struct() struct.add_member('my_int', types.Int) struct.add_member('my_pointer', types.Pointer) struct = memory.cast(struct)
-
property
double
¶ Read as double val
-
property
float
¶ Read as float val
-
free
()[source]¶ bool: Free this memory location. This is only valid if this memory location has been allocated by us.
-
property
implementation
¶
-
property
instruction
¶ Returns an assembly instruction parsed from what is in memory at this location.
- Type
-
property
instruction_block
¶ Returns an AssemblyBlock starting at this instruction.
- Type
-
property
int16
¶ Signed 16-bit int
-
property
int32
¶ Signed 32-bit int
-
property
int64
¶ Signed 64-bit int
-
property
int8
¶ Signed 8-bit int
-
property
name
¶ Descriptive name for this address. Optional.
- Type
str
-
property
pointer
¶ Read as pointer val
-
property
replace
¶
-
property
replace_on_message
¶ Optional callable to be called if/when something inside the function replace sends data back.
Example
# If you just wanted to print out the messages that came back def on_message(x,y): print(x,y) strlen.replace_on_message = on_message
- Type
callable
-
property
return_type
¶ What’s the return type for this? Only valid if this is a function.
-
property
size
¶ Size of this MemoryBytes. Only valid if it was generated as a slice, alloc or something else that has known size.
- Type
int
-
property
string_ansi
¶ Read as ANSI string
-
property
string_utf16
¶ Read as utf-16 string
-
property
string_utf8
¶ Read as utf-8 string
-
property
struct
¶ Write as a struct.
Example
struct = types.Struct() struct.add_member('test1', types.Int32(-5)) struct.add_member('test2', types.Int8(-12)) struct.add_member('test3', types.UInt16(16)) process.memory[0x12345].struct = struct # Or process.memory[0x12345] = struct
-
property
uint16
¶ Unsigned 16-bit int
-
property
uint32
¶ Unsigned 32-bit int
-
property
uint64
¶ Unsigned 64-bit int
-
property
uint8
¶ Unsigned 8-bit int
MemoryRange¶
-
class
revenge.memory.
MemoryRange
(engine, base, size, protection, file=None)[source]¶ Bases:
object
-
property
base
¶ Base address for this range.
- Type
int
-
property
executable
¶ Is this range executable?
- Type
bool
-
property
file
¶ File backing this memory range, or None.
- Type
str
-
property
file_offset
¶ Offset into backing file or None.
- Type
int
-
property
protection
¶ Protection for this range.
- Type
str
-
property
readable
¶ Is this range readable?
- Type
bool
-
set_protection
(read, write, execute)[source]¶ Sets the protection for this memory page.
- Parameters
read (bool) – Allow read?
write (bool) – Allow write?
execute (bool) – Allow execute?
This will call appropriate mprotect or similar. This can be done implicitly from the .protection property.
-
property
size
¶ Size for this range.
- Type
int
-
property
writable
¶ Is this range writable?
- Type
bool
-
property