forked from Nightbringer21/fridump
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfridump.py
139 lines (117 loc) · 4.24 KB
/
fridump.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
import textwrap
import frida
import os
import sys
import frida.core
import dumper
import utils
import argparse
import logging
logo = """
______ _ _
| ___| (_) | |
| |_ _ __ _ __| |_ _ _ __ ___ _ __
| _| '__| |/ _` | | | | '_ ` _ \| '_ \\
| | | | | | (_| | |_| | | | | | | |_) |
\_| |_| |_|\__,_|\__,_|_| |_| |_| .__/
| |
|_|
"""
# Main Menu
def MENU():
parser = argparse.ArgumentParser(
prog='fridump',
formatter_class=argparse.RawDescriptionHelpFormatter,
description=textwrap.dedent(""))
parser.add_argument('process', help='the process that you will be injecting to')
parser.add_argument('-o', '--out', type=str, help='provide full output directory path. (def: \'dump\')',
metavar="dir")
group = parser.add_mutually_exclusive_group()
group.add_argument('-u', '--usb', action='store_true', help='device connected over usb')
group.add_argument('-R', '--remote', action='store_true', help='remote device connected over TCP - localhost:27042')
parser.add_argument('-v', '--verbose', action='store_true', help='verbose')
parser.add_argument('-r','--read-only',action='store_true', help="dump read-only parts of memory. More data, more errors")
parser.add_argument('-s', '--strings', action='store_true',
help='run strings on all dump files. Saved in output dir.')
parser.add_argument('--max-size', type=int, help='maximum size of dump file in bytes (def: 20971520)',
metavar="bytes")
args = parser.parse_args()
return args
print(logo)
arguments = MENU()
# Define Configurations
APP_NAME = arguments.process
DIRECTORY = ""
USB = arguments.usb
REMOTE = arguments.remote
DEBUG_LEVEL = logging.INFO
STRINGS = arguments.strings
MAX_SIZE = 20971520
PERMS = 'rw-'
pid = "test"
if arguments.read_only:
PERMS = 'r--'
if arguments.verbose:
DEBUG_LEVEL = logging.DEBUG
logging.basicConfig(format='%(levelname)s:%(message)s', level=DEBUG_LEVEL)
# Start a new Session
session = None
try:
if USB:
session = frida.get_usb_device().attach(APP_NAME)
elif REMOTE:
session = frida.get_remote_device().attach(APP_NAME)
else:
session = frida.attach(APP_NAME)
except:
print("Can't connect to App. Have you connected the device?")
sys.exit(0)
# Selecting Output directory
if arguments.out is not None:
DIRECTORY = arguments.out
if os.path.isdir(DIRECTORY):
print("Output directory is set to: " + DIRECTORY)
else:
print("The selected output directory does not exist!")
sys.exit(1)
else:
print("Current Directory: " + str(os.getcwd()))
DIRECTORY = os.path.join(os.getcwd(), "dump")
print("Output directory is set to: " + DIRECTORY)
if not os.path.exists(DIRECTORY):
print("Creating directory...")
os.makedirs(DIRECTORY)
mem_access_viol = ""
print("Starting Memory dump...")
Memories = session.enumerate_ranges(PERMS)
if arguments.max_size is not None:
MAX_SIZE = arguments.max_size
i = 0
l = len(Memories)
# Performing the memory dump
for memory in Memories:
base = memory.base_address
logging.debug("Base Address: " + str(hex(base)))
logging.debug("")
size = memory.size
logging.debug("Size: " + str(size))
if size > MAX_SIZE:
logging.debug("Too big, splitting the dump into chunks")
mem_access_viol = dumper.splitter(session, base, size, MAX_SIZE, mem_access_viol, DIRECTORY)
continue
mem_access_viol = dumper.dump_to_file(session, base, size, mem_access_viol, DIRECTORY)
i += 1
utils.printProgress(i, l, prefix='Progress:', suffix='Complete', bar=50)
print
# Run Strings if selected
if STRINGS:
files = os.listdir(DIRECTORY)
i = 0
l = len(files)
print("Running strings on all files:")
for f1 in files:
utils.strings(f1, DIRECTORY)
i += 1
utils.printProgress(i, l, prefix='Progress:', suffix='Complete', bar=50)
sys.exit("Finished! Press Ctrl+C")
#input('Press Enter to exit...')