From Collaborative RCE Tool Library

Jump to: navigation, search

mdmp

Tool name: mdmp
Rating: 0.0 (0 votes)
Author: Vlad-Ioan Topan                        
Website: http://code.google.com/p/mdmp/
Current version: 0.2.2
Last updated: October 28, 2010
Direct D/L link: http://code.google.com/p/mdmp/downloads/detail?name=mdmp-0.2.4-beta-binaries.zip
License type: GPL
Description: mdmp - open-source x86 memory/process (command-line) dumper with Python bindings

libmdmp is a C library designed to dump process memory on Windows.

mdmp.exe is a command-line tool exposing most functionality in libmdmp (process/stack/heap/random-mem-address dumping).

pymdmp.pyd is a Python wrapper (only built for 2.7 as of now, trivial to adapt to any 2.x) exposing the memory-dumping functionality in Python.

Example usage:

mdmp:
mdmp.exe /n:explo /e:kernel
- will dump all modules (DLLs) whose name contains "kernel" from all the processes whose name contains "explo"

pymdmp:
import pymdmp
lst = pymdmp.dump(pymdmp.SEL_BY_NAME, pymdmp.DUMP_IMAGE_BY_NAME, 0, processName="explo", moduleName="kernel")
- will return in lst a list of tuples (<process_name>, <PID>, <dump-start-address>, <dump-data>)

Delphi bindings are planned. Feedback is welcome @ vtopan/gmail.

Requires the VC 2005 runtime.
Related URLs:
Usage information - mdmp.exe:
http://code.google.com/p/mdmp/wiki/mdmpexe
Usage information - pymdmp.pyd:
http://code.google.com/p/mdmp/wiki/pymdmp


RSS feed Feed containing all updates for this tool.

You are welcome to add your own useful notes about this tool, for others to see!

Retrieved from "http://www.woodmann.com/collaborative/tools/index.php/Mdmp"


If you find that any information for the tool above is missing, outdated or incorrect, please edit it!
(please also edit it if you think it fits well in some additional category, since this can also be controlled)

Views
Category Navigation Tree
RCE Tools
   Categorized by Target Type  (238)
   Categorized by Tool Type  (1220)
   Anti Anti Test Tools  (16)
   Assemblers  (21)
   Code Coverage Tools  (13)
   Code Injection Tools  (35)
   Code Ripping Tools  (2)
   Crypto Tools  (14)
   Data Extraction Tools  (26)
   Debuggers  (48)
   Decompilers  (27)
   Deobfuscation Tools  (16)
   Dependency Analyzer Tools  (5)
   Diff Tools  (44)
   Disassemblers  (65)
   Dongle Analysis Tools  (26)
   Exe Analyzers  (38)
   Executable File Editors & Patchers  (92)
   Firefox Extensions  (3)
   GUI Manipulation Tools  (18)
   Hardware Reversing Tools  (26)
   Helper Tools  (3)
   Hex Editors  (12)
   IDA Signature Creation Tools  (5)
   Kernel Tools  (13)
   Memory Data Tracing Tools  (8)
   Memory Patchers  (7)
   Memory Search Tools  (8)
   Monitoring Tools  (133)
   Network Tools  (19)
   Packers  (18)
   Patch Packaging Tools  (13)
   Profiler Tools  (11)
   Programming Libraries  (46)
   Regular Expression Tools  (3)
   Resource Editors  (13)
   Reverse Engineering Frameworks  (8)
   Source Code Tools  (12)
   String Finders  (6)
   Symbol Tools  (12)
   System Information Extraction Tools  (9)
   Technical PoC Tools  (8)
   Test and Sandbox Environments  (22)
   Tool Extensions  (170)
   Tool Hiding Tools  (7)
   Tool Signatures  (17)
   Tracers  (19)
   Unpacking Tools  (83)
   Automated Unpackers  (34)
   Dump Fixers  (4)
   IAT Restore Tools  (6)
   Memory Dumpers  (25)
   .NET MSIL Dumpers  (2)
   Process Dumpers  (11)
   OEP Finders  (6)
   Needs New Category  (2)