Matematician Posted July 30, 2010 Report Posted July 30, 2010 (edited) Scanmemscanmem is a simple interactive debugging utility for linux, used to locate the address of a variable in an executing process. This can be used for the analysis or modification of a hostile process on a compromised machine, reverse engineering, or as a "pokefinder" to cheat at video games.FeaturesInteractive command mode, with online help.Specify target value exactly, or using abstract "higher" and "lower".Supports variable width targets.Set variable to any value.Modify variables once, or continually over user specified period.Detailed information about mappings, allow users to eliminate regions.ExampleYou can use scanmem to cheat at nethack (on systems where nethack is not installed sgid), here is an example session finding and setting my gold to an arbitrary value.$ scanmem --pid `pidof nethack`info: attaching to pid 17907.info: maps file located at /proc/17907/maps opened.info: 17 suitable regions found.Please enter current value, or "help" for other commands.0> The 0 in the scanmem prompt indicates there are no known matches, so I enter my current gold level (12 pieces) and ask it to search for possible matches.0> 12info: searching 0xbfff9000 - 0xc0000000...........okinfo: searching 0x401c2000 - 0x401e3000...........okinfo: searching 0x401c1000 - 0x401c2000...........okinfo: searching 0x401b6000 - 0x401b8000...........okinfo: searching 0x401b5000 - 0x401b6000...........okinfo: searching 0x40189000 - 0x4018a000...........okinfo: searching 0x40188000 - 0x40189000...........okinfo: searching 0x40181000 - 0x40183000...........okinfo: searching 0x4017f000 - 0x40181000...........okinfo: searching 0x40070000 - 0x40071000...........okinfo: searching 0x40068000 - 0x40070000...........okinfo: searching 0x40030000 - 0x40031000...........okinfo: searching 0x40029000 - 0x4002a000...........okinfo: searching 0x4001f000 - 0x40020000...........okinfo: searching 0x40016000 - 0x40017000...........okinfo: searching 0x081d4000 - 0x0820a000...........okinfo: searching 0x081b7000 - 0x081d4000...........okinfo: we currently have 38 matches.38> There are 38 possible matches, I wait until my gold level changes and enter the new value (15 pieces)38> 15info: we currently have 1 matches.info: match identified, use "set" to modify value.info: enter "help" for other commands.1> list[00] 0x081d6d88 { 15} (unassociated, typically .bss)1> set 10000info: setting *0x081d6d88 to 10000...1>Excellent, only one possible match. I use the set command to set it to 10,000. The resulting nethack screen is below.Taviso the Digger St:17 Dx:9 Co:15 In:14 Wi:13 Ch:9 LawfulDlvl:1 $:10000 HP:7(15) Pw:1(1) AC:9 Exp:1 Burdenedscanmem is distributed with a man page that describes all of the commands.A flash demo of scanmem in action is available here.DownloadYou can download the latest version of scanmem from here (sig).MD5(scanmem-0.07.tar.gz)= a28baa2cf69b58b2773e379a49dae11cContactAll bug reports, suggestions or feedback is appreciated.You can contact me at <taviso (a) sdf lonestar org> Edited July 30, 2010 by Matematician 1 Quote
Matematician Posted August 2, 2010 Author Report Posted August 2, 2010 Vad ca nu multa lume este interesata de Linux si Scanmem. Pentru cei care vor arunca un ochi pe acest topic:$ scanmem --pid `pidof firefox-bin`Dupa cum vedeti, puteti modifica variabile si in jocurile flash. Quote
Nytro Posted August 2, 2010 Report Posted August 2, 2010 Deci un Cheat Engine pentru Linux. Super. Quote