In Immunity debugger lower-case disassembly breaks multiple !mona commands

corelan / mona

Corelan Repository for mona.py

BSD 3-Clause "New" or "Revised" License

1.7k stars 564 forks source link

In Immunity debugger lower-case disassembly breaks multiple !mona commands #18

Closed tanelikaivola closed 7 years ago

tanelikaivola commented 7 years ago

If "Debugging options -> Disasm -> Disassemble in lowercase" is enabled, !mona rop produces invalid results. !mona stackpivot doesn't produce any results.

Suggestions how to fix this (pick one):

Uppercase the disassembly / lowercase find patterns / do whatever needed to make them match
Make !mona commands whine verbosely if disassembly is in lower-case
For the duration of !mona commands, configure Immunity debugger to produce disassembly in upper-case
Document this somehow =D

corelanc0d3r commented 7 years ago

probably needs more testing, but commit https://github.com/corelan/mona/commit/9f1c32bc13823c11c3eb64ffba02152754ec78a0 should fix the issue :)