Leakfind

Find a chain of leaks given some starting address.

parser = argparse.ArgumentParser(
    formatter_class=argparse.RawTextHelpFormatter,
    description="""
Attempt to find a leak chain given a starting address.
Scans memory near the given address, looks for pointers, and continues that process to attempt to find leaks.

Example: leakfind $rsp --page_name=filename --max_offset=0x48 --max_depth=6. This would look for any chains of leaks that point to a section in filename which begin near $rsp, are never 0x48 bytes further from a known pointer, and are a maximum length of 6.
""",
)

module-attribute

dbg_print_map(maps)

get_rec_addr_string(addr, visited_map)

leakfind(address=None, page_name=None, max_offset=64, max_depth=4, step=1, negative_offset=0)
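
The search the description outlines, modelled over a constructed memory map to show which stored pointers would disclose an address inside a target page. This is an added example, not pwndbg's implementation: `find_leak_chains`, `page_of`, `format_chain`, the `PAGES`/`MEMORY` sample data and the half-open offset range are assumptions, and `negative_offset` is not modelled.

```python
from collections import deque

# Constructed page map (name -> [start, end)) and sparse memory (address -> stored word).
PAGES = {"stack": (0x7ffc0000, 0x7ffc1000), "heap": (0x5000, 0x6000),
         "filename": (0x400000, 0x401000)}
MEMORY = {
    0x7ffc0110: 0x5020,      # stack slot holding a heap pointer
    0x7ffc0118: 0xdeadbeef,  # not a pointer into any mapped page
    0x7ffc0130: 0x400abc,    # stack slot pointing straight into "filename"
    0x5028: 0x400123,        # heap word pointing into "filename"
    0x5070: 0x400456,        # same, but 0x50 bytes past the heap pointer
}

def page_of(addr, pages):
    """Return the name of the page containing addr, or None if unmapped."""
    for name, (start, end) in pages.items():
        if start <= addr < end:
            return name
    return None

def find_leak_chains(memory, pages, address, page_name, max_offset=64, max_depth=4, step=1):
    """Breadth-first search for pointer chains from `address` into `page_name`.

    Returns a list of (hops, target); each hop is (base, offset), meaning the
    word at base+offset was followed. Offsets are scanned in [0, max_offset).
    """
    chains, visited = [], {address}
    queue = deque([(address, [])])
    while queue:
        base, hops = queue.popleft()
        if len(hops) >= max_depth:
            continue  # chain already at its maximum length
        for offset in range(0, max_offset, step):
            value = memory.get(base + offset)
            page = page_of(value, pages) if value is not None else None
            if page is None:
                continue  # no word stored here, or it points at unmapped memory
            path = hops + [(base, offset)]
            if page == page_name:
                chains.append((path, value))
            if value not in visited:  # follow each pointed-to address once
                visited.add(value)
                queue.append((value, path))
    return chains

def format_chain(hops, target):
    return " -> ".join(f"{b:#x}+{o:#x}" for b, o in hops) + f" -> {target:#x}"

if __name__ == "__main__":
    for hops, target in find_leak_chains(MEMORY, PAGES, 0x7ffc0100, "filename", 0x48, 6):
        print(format_chain(hops, target))
```

With `max_offset=0x48` the pointer stored 0x50 bytes past the heap address is out of reach, so only two chains are reported; widening the window to 0x58 adds the third.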