gdbinit/mpress_dumper
._____.___ ._______ .______  ._______.________.________
 :         |: ____  |: __   \ : .____/|    ___/|    ___/
 |   \  /  ||    :  ||  \____|| : _/\ |___    \|___    \
 |   |\/   ||   |___||   :  \ |   /  \|       /|       /
 |___| |   ||___|    |   |___\|_.: __/|__:___/ |__:___/
 |___|         |___|       :/      :        :

 .______  .____     ._____.___ ._______ ._______.______
 :_ _   \ |    |___ :         |: ____  |: .____/: __   \
 |   |   ||    |   ||   \  /  ||    :  || : _/\ |  \____|
 | . |   ||    :   ||   |\/   ||   |___||   /  \|   :  \
 |. ____/ |        ||___| |   ||___|    |_.: __/|   |___\
 :/      |. _____/       |___|            :/   |___|
 :        :/
          :

MPRESS Packer dumper
Copyright (c) 2014 Pedro Vilaca. All rights reserved.
http://reverse.put.as - reverser@put.as

This is an MPRESS dumper utility, as described in my Shakacon'14 presentation.
(http://reverse.put.as/2014/06/26/shakacon-6-presentation-fuck-you-hacking-team-from-portugal-with-love/)

At the moment it only supports dumping 32-bit targets. You can finish the 64-bit target support ;-).

Not a spectacular example of Cocoa code; I definitely suck at it and the whole design could be much better.
In particular, how dumping integrates with the GUI and returns the unpacking result.

Feel free to improve this and submit your patches.
Right now I don't have much time to make this something better :-(.

Uses Capstone for all disassembling needs.

Since this is a custom debugger, it needs to be code-signed to run on the latest OS X versions!
Don't forget to modify the Xcode project to point to your certificate.

You should run this in a VM if trying to unpack malware, since it needs to execute the packed code in order to unpack
and dump it.

Enjoy,
fG!

About

MPRESS dumper for OS X