def debugger(dbg, kill=0):
dbg.suspend()
prog_base_addr = dbg.base_address
print "[+] Base address: " + hex(prog_base_addr)
print hex(dbg.base_address)
program = dbg.dump_binary()
output = file("output.bin", "w+").write(program)
print "ALL DONE!"
dbg.detach()
if __name__ == "__main__":
if len(sys.argv) < 2:
print "USAGE [pid]"
exit()
pid = int(sys.argv[1])
dbg = MacDbg()
dbg.attach(pid)
if dbg.task == 0:
print "Failed to attach Check PID"
exit(0)
pid = dbg.pid
print "[+] Attached to task # %s\n" % str(dbg.task)
debugger(dbg, 1)
from libs.const import *
from subprocess import Popen, PIPE
# Scan system and check for libraries loaded at same base address
def base_addr(dbg, name):
if dbg.base_address == 0x100000000:
print dbg.color_red("BASE ADDRESS == LOAD ADDRESS :( -- PID - " + str(dbg.pid)), dbg.color_green(" - NAME " + name)
dbg.detach()
if __name__ == "__main__":
tmp = MacDbg()
process = Popen(["ps", "aux"], stdout=PIPE)
(output, err) = process.communicate()
pids = output.split("\n")
for i in pids:
x = i.split()
try:
pid = x[1]
name = x[10]
name = name[name.find("/")+1:]
tmp.attach(int(pid), 1)
except:
continue
