Name: Anonymous 2012-08-31 14:49
Can anyone here help me with a Cheat Engine style GDB (GNU debugger) script?
I am a noob to scripting so help is much appreciated.
This is what I have so far:
define find
    dont-repeat
    # $arg0 = value to look for, $arg1 = maximum number of instructions to single-step
    set $_count = 0
    while ($_count < $arg1)
        if (($r0 == $arg0) || ($r1 == $arg0) || ($r2 == $arg0) || ($r3 == $arg0) || ($r4 == $arg0) || ($r5 == $arg0) || ($r6 == $arg0) || ($r7 == $arg0) || ($r8 == $arg0) || ($r9 == $arg0) || ($r10 == $arg0) || ($r11 == $arg0) || ($r12 == $arg0))
            # a register holds the value: set a breakpoint at the current pc and stop stepping
            break
            set $_count = $arg1
        else
            si
            set $_count = $_count + 1
        end
    end
end
Usage:
find 30 100
This will search the next 100 instructions and breakpoint when a register holds 30.
But this is only good after a breakpoint in a function/method.
What I want is for it to scan the program and find all values by writing the addresses to a plain text file.
Then on the next scan compare against the plain text file and ditch all addresses that do not match.
Rinse and repeat until you narrow down your results (like Cheat Engine).
Or is it possible to dump something and compare dumps to narrow searches?
I don't expect any help, but I would love you if you did help.
I'm new to reverse engineering type stuff so don't bash me too hard.
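An added example (not the poster's script) of the "dump and compare" approach the post asks about: GDB's real `dump binary memory FILE START STOP` command can write a region to a file once per scan, and this standalone Python narrows the candidate addresses between dumps the way Cheat Engine does. The 0x1000 base address and the dump bytes below are constructed sample data, not a real process.

```python
import struct

WIDTH_FMT = {1: "B", 2: "H", 4: "I", 8: "Q"}

def scan_dump(data, base, value, width=4, candidates=None, little_endian=True):
    """Return the set of addresses in `data` (a dump loaded at `base`) holding `value`.

    First scan: `candidates` is None, so every `width`-aligned slot is checked.
    Next scan: pass the previous result; only those addresses are re-checked,
    so everything that no longer holds the expected value is dropped.
    """
    fmt = ("<" if little_endian else ">") + WIDTH_FMT[width]
    if candidates is None:
        candidates = range(base, base + len(data) - width + 1, width)
    found = set()
    for addr in candidates:
        off = addr - base
        if 0 <= off <= len(data) - width and struct.unpack_from(fmt, data, off)[0] == value:
            found.add(addr)
    return found

def narrow(dumps, base, values, width=4):
    """Chain scans: an address survives only if dumps[i] holds values[i] for every i."""
    cands = None
    for data, value in zip(dumps, values):
        cands = scan_dump(data, base, value, width, cands)
    return cands

def save_candidates(addrs, path):
    # Plain-text candidate list, one hex address per line, for the next scan.
    with open(path, "w") as f:
        f.writelines(f"0x{a:x}\n" for a in sorted(addrs))

def load_candidates(path):
    with open(path) as f:
        return {int(line, 16) for line in f if line.strip()}

# Constructed sample data (not a real dump): a 64-byte region at 0x1000.
# Three slots hold 30 on the first scan; after the in-program value changes
# to 31, only one slot follows it.
BASE = 0x1000
DUMP1, DUMP2 = bytearray(64), bytearray(64)
for off in (0x08, 0x14, 0x3c):
    struct.pack_into("<I", DUMP1, off, 30)
struct.pack_into("<I", DUMP2, 0x08, 30)  # unchanged: dropped on scan 2
struct.pack_into("<I", DUMP2, 0x14, 31)  # tracked the change: survives
struct.pack_into("<I", DUMP2, 0x3c, 7)   # unrelated write: dropped

if __name__ == "__main__":
    survivors = narrow([bytes(DUMP1), bytes(DUMP2)], BASE, [30, 31])
    print([hex(a) for a in sorted(survivors)])  # ['0x1014']
```

Between scans, `save_candidates`/`load_candidates` give the plain-text file the post describes, so the process can be repeated until one address is left.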