Hello I have a fast question.
I have been trying to save a full memory dump in IDA Pro in a variable to perform a search with a python script but I did not find the correct function to do it using idaapi.
I want to do something like:
import idaapi
dump=get_memory_dump() # Or whatever function to do it
if "foo" in dump:
print "foo is in dump"
How can I get the dump? Like you can see I want to do a script to found pattherns in the memory while I am debugging a application.
Thank you very much
Use idaapi.nextthat() to search for the byte sequence then use dbg_read_memory() to read the memory of the program being debugged. Since the latter appears to make a copy, reading, say, 4GB would be unwise.