This is the Corelan Team project page for 'mona', a debugger plugin / Exploit Development Swiss Army Knife.
This plugin replaces pvefindaddr, which is no longer supported as of mid june 2011.
- Immunity Debugger 1.83 and up. (Older versions of Immunity Debugger are not supported and may not work.)
Immunity Debugger :
Simply drop mona.py in the PyCommands folder inside your Immunity Debugger program folder.
Check installations instructions here
Suggested Initial configuration¶
Mona has a configuration file which can be used to set 2 global options
If you don't want the pycommand to write its output into the Immunity Debugger or WinDBG program folder, you can set the
workingfolder global option. Let's say we want to store output files in named subfolders of c:\logs :
- create c:\logs
- inside Immunity Debugger, run
!mona config -set workingfolder c:\logs\%p
- inside WinDBG, run
!py mona config -set workingfolder c:\logs\%p
Note : %p will be replaced with the process name at runtime. This way, your output will be automatically categorized, making it easier to retrieve.
If your exploit development machine has modules (shell extensions, etc) which you want to exclude from searches, you can simply add them to the configuration file :
!mona config -set excluded_modules "module1.dll,module2.dll"
!mona config -add excluded_modules "module3.dll"
!py mona config -set excluded_modules "module1.dll,module2.dll"
!py mona config -add excluded_modules "module3.dll"
(if you want to remove a module from the list, simply look for
mona.ini in the Immunity Debugger program folder and edit the file)
Once you have mona installed, you can update it using the following command
!py mona update
This will attempt to update the pycommand over https. If this fails, you can still try to run
!mona update -http
!py mona update -http
You can find installation and usage instructions here
Bugs / Feature requests¶If you want to report bugs or request features, please
- Register a useraccount on redmine (and send me an email indicating you want to report a bug or feature)
- Create a new ticket
Want to contribute yourself ?¶
Create a ticket and submit patches (diff against last version of mona.py)
mona.py is released under the BSD-3 license:
Copyright (c) 2011-2012, Peter Van Eeckhoutte - Corelan GCV All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Corelan nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL PETER VAN EECKHOUTTE OR CORELAN GCV BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Developer: David 'bannedit', David 'thelightcosine', fancy, Jason, lincoln, rick2600, sinn3r, Steven, ziplock
Wiki admins: David 'bannedit', David 'thelightcosine', fancy, Jason, lincoln, rick2600, sinn3r, Steven, ziplock
Wiki Editor: David 'thelightcosine', Jason
Public Issue Reporters: Ant, Christian, David 'thelightcosine', floyd, George, Georgia, Jason, jd, Jesse, Jurriaan, Moshe, OJ