scanmem-rs is a cli memory scanner for linux.
- Scanning memory
- read/write memory
- buffered read for performance
- executing process with aslr disabled
Attach opens the specified pid See procs, loads its maps and makes the program ready to scan memory.
Usage: attach [pid]
Detach closes the fd to memory and empties out entries and maps.
Usage: detach
Scan will scan the specified range of memory for a value, the range is specified by its map name See maps, the user must provide a bitsize either 32 or 64See bitsize.
Usage: scan [value] [bitsize] [range]
Entries dumps out all address entries where values from a search has been found.
Usage: entries
Read will read a value from the specified address, the user must provide a bitsize either 32 or 64See bitsize.
Usage: read [addr] [bitsize]
Write will write a value to the specified addres, the user must provide a bitsize either 32 or 64See bitsize.
Usage: write [addr] [value] [bitsize]
Lock will continuisly write a value to an address in a seperate thread, locking making it locked. the user must provide a bitsize either 32 or 64See bitsize.
Usage: lock [address] [value] [bitsize]
Unlock will stop the seperate thread writing to the specified address.
Usage: unlock [address]
PtrMap will map out pointer trails until a dead end in a tree-like structure.
Usage: ptrmap [address]
exec-no-aslr will execute the specified program path with address space layout randomization disabled. this command is usefull for finding addresses that are going to be used later for example in game cheating.
Usage: exec-no-aslr [program]
Maps will dump out all the mapped areas of memory with their name in the attached process.
Usage: maps
Procs will dump out all the running processes and their pid.
Usage: procs
Exit will simply exit
Usage: exit