Windows Pwn
Mona is used extensively in Windows pwn. It is a part of the Immunity Debugger
1
!mona pattern_create 1000 # Generate a unique 1000 byte buffer
2
!mona pattern_offset 37694136 # Identify the offset of the buffer with EIP address
3
!mona modules -o # This shows the modules used by the program, -o ignores OS modules
4
!mona jmp -r est -m Configuration.dll # Select one of the DLLs not participating in ASLR to find static address
5
​
Copied!
Copy link