forked from Nightbringer21/fridump
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathfridump.py
165 lines (136 loc) · 4.52 KB
/
fridump.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
import textwrap
import frida
import os
import sys
import frida.core
import dumper
import utils
import argparse
import logging
logo = """
______ _ _
| ___| (_) | |
| |_ _ __ _ __| |_ _ _ __ ___ _ __
| _| '__| |/ _` | | | | '_ ` _ \| '_ \\
| | | | | | (_| | |_| | | | | | | |_) |
\_| |_| |_|\__,_|\__,_|_| |_| |_| .__/
| |
|_|
"""
# Main Menu
def MENU():
parser = argparse.ArgumentParser(
prog='fridump',
formatter_class=argparse.RawDescriptionHelpFormatter,
description=textwrap.dedent(""))
parser.add_argument('process',
help='the process that you will be injecting to')
parser.add_argument('-o', '--out', type=str, metavar="dir",
help='provide full output directory path. (def: \'dump\')')
parser.add_argument('-D', '--device', type=str, metavar='id',
help='connect to device with the given id')
parser.add_argument('-U', '--usb', action='store_true',
help='device connected over usb')
parser.add_argument('-v', '--verbose', action='store_true',
help='verbose')
parser.add_argument('-r', '--read-only', action='store_true',
help="dump read-only parts of memory. More data, more errors")
parser.add_argument('-s', '--strings', action='store_true',
help='run strings on all dump files. Saved in output dir.')
parser.add_argument('--max-size', type=int, metavar="bytes",
help='maximum size of dump file in bytes (def: 20971520)')
args = parser.parse_args()
return args
print(logo)
arguments = MENU()
# Define Configurations
APP_NAME = arguments.process
DIRECTORY = ""
USB = arguments.usb
DEVICE = arguments.device
DEBUG_LEVEL = logging.INFO
STRINGS = arguments.strings
MAX_SIZE = 20971520
PERMS = 'rw-'
if arguments.read_only:
PERMS = 'r--'
if arguments.verbose:
DEBUG_LEVEL = logging.DEBUG
logging.basicConfig(format='%(levelname)s:%(message)s', level=DEBUG_LEVEL)
# Start a new Session
session = None
try:
if USB:
session = frida.get_usb_device().attach(APP_NAME)
elif DEVICE:
session = frida.get_device(DEVICE).attach(APP_NAME)
else:
session = frida.attach(APP_NAME)
except Exception as e:
print("Can't connect to App. Have you connected the device?")
logging.debug(str(e))
sys.exit()
# Selecting Output directory
if arguments.out is not None:
DIRECTORY = arguments.out
if os.path.isdir(DIRECTORY):
print("Output directory is set to: " + DIRECTORY)
else:
print("The selected output directory does not exist!")
sys.exit(1)
else:
print("Current Directory: " + str(os.getcwd()))
DIRECTORY = os.path.join(os.getcwd(), "dump")
print("Output directory is set to: " + DIRECTORY)
if not os.path.exists(DIRECTORY):
print("Creating directory...")
os.makedirs(DIRECTORY)
mem_access_viol = ""
print("Starting Memory dump...")
script = session.create_script(
"""'use strict';
rpc.exports = {
enumerateRanges: function (prot) {
return Process.enumerateRangesSync(prot);
},
readMemory: function (address, size) {
return Memory.readByteArray(ptr(address), size);
}
};
""")
script.on("message", utils.on_message)
script.load()
agent = script.exports
ranges = agent.enumerate_ranges(PERMS)
if arguments.max_size is not None:
MAX_SIZE = arguments.max_size
i = 0
l = len(ranges)
# Performing the memory dump
for range in ranges:
base = range["base"]
size = range["size"]
logging.debug("Base Address: " + str(base))
logging.debug("")
logging.debug("Size: " + str(size))
if size > MAX_SIZE:
logging.debug("Too big, splitting the dump into chunks")
mem_access_viol = dumper.splitter(
agent, base, size, MAX_SIZE, mem_access_viol, DIRECTORY)
continue
mem_access_viol = dumper.dump_to_file(
agent, base, size, mem_access_viol, DIRECTORY)
i += 1
utils.printProgress(i, l, prefix='Progress:', suffix='Complete', bar=50)
print("")
# Run Strings if selected
if STRINGS:
files = os.listdir(DIRECTORY)
i = 0
l = len(files)
print("Running strings on all files:")
for f1 in files:
utils.strings(f1, DIRECTORY)
i += 1
utils.printProgress(i, l, prefix='Progress:', suffix='Complete', bar=50)
print("Finished!")