From 7de6d2226b9746e2a2d90a00aa130282cb23605d Mon Sep 17 00:00:00 2001
From: Orfeas <38209077+0xfea5@users.noreply.github.com>
Date: Tue, 16 Apr 2024 03:33:40 +0300
Subject: Memory scanning to find byte patterns
---
 src/main.c | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)
(limited to 'src/main.c')
diff --git a/src/main.c b/src/main.c
index e255ec5..ee33aac 100644
--- a/src/main.c
+++ b/src/main.c
@@ -23,9 +23,23 @@ int main(int argc, char *argv[])
 waitpid(pid, NULL, __WALL);
 LOG("Attached to process %d\n", pid);
- /* Do stuff ... */
- parse_vmmap(pid);
+ char *byte_seq = "secret text";
+ size_t byte_seq_len = strlen(byte_seq);
+ MemscanResult *head = memscan(pid, (uint8_t*)byte_seq, byte_seq_len);
+ MemscanResult *cur = head;
+ printf("\n\n\nMemory scan results:\n");
+ printf("%-16s|%-16s|%-10s|%-s\n", "Address", "Base", "Offset", "Name");
+ puts("--------------------------------------------------");
+ while (cur) {
+ printf("%-16p|%-16p|%#-10lx|%-s\n",
+ cur->mapping->begin + cur->offset,
+ cur->mapping->begin,
+ cur->offset,
+ cur->mapping->name);
+ cur = cur->next;
+ }
+ printf("\n\n");
 ptrace(PTRACE_DETACH, pid, NULL, NULL);
 LOG("Detached from process %d\n", pid);
-- 
cgit v1.2.3
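Review bot: The `printf` inside the `while (cur)` loop passes `cur->mapping->begin + cur->offset` and `cur->mapping->begin` to `%p` and `cur->offset` to `%#-10lx` without casts; the field types are declared outside this hunk, so unless they are exactly `void *` and `unsigned long` the call is undefined behaviour, and explicit casts such as `(void *)(cur->mapping->begin + cur->offset)` and `(unsigned long)cur->offset` would make it safe either way. `cur->mapping->name` is printed with `%-s` unguarded; if a mapping can have a NULL name (not visible here), pass `cur->mapping->name ? cur->mapping->name : ""` instead. The pattern should be declared `const char *byte_seq`, because the `(uint8_t*)` cast currently hides that a string literal is handed over through a non-const pointer. The list returned by `memscan` is also never released before the detach, and an empty result is indistinguishable from a failed scan in the output. `main` begins and ends outside the hunk.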