scanmem : a ptrace() tool

Tavis Ormandy has released scanmem, a debugging utility designed to isolate the address of an arbitrary variable within an executing process. Scanmem simply needs to be told the pid of the process and the value of the variable at several different times. After several scans of the process, scanmem isolates the position of the variable, which allows you to modify its value.

Version 0.02 of scanmem only lets you search for dwords. Maybe Tavis will release a complete version, which would be pretty slick. Thanks for the neat tool!
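The narrowing process described above, as an added example that is not scanmem's own code: each scan keeps only the offsets whose dword still matches the value reported at that moment. The snapshot buffer is constructed and stands in for memory a real tool would read from the target via ptrace(); the names `first_scan`, `next_scan` and `demo`, the fixed candidate cap, and scanning at every byte offset are assumptions of this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_CAND 64   /* fixed cap keeps the sketch short */
/* Candidate offsets still consistent with every value reported so far. */
struct matches { size_t off[MAX_CAND]; size_t n; };

/* Read a dword at an arbitrary (possibly unaligned) offset. */
static uint32_t dword_at(const uint8_t *snap, size_t off) {
    uint32_t v;
    memcpy(&v, snap + off, sizeof v);
    return v;
}

/* First scan: record every offset whose dword equals the reported value. */
size_t first_scan(struct matches *m, const uint8_t *snap, size_t len, uint32_t value) {
    m->n = 0;
    for (size_t off = 0; off + sizeof(uint32_t) <= len && m->n < MAX_CAND; off++)
        if (dword_at(snap, off) == value)
            m->off[m->n++] = off;
    return m->n;
}

/* Later scans: keep only the candidates that now hold the new value. */
size_t next_scan(struct matches *m, const uint8_t *snap, uint32_t value) {
    size_t kept = 0;
    for (size_t i = 0; i < m->n; i++)
        if (dword_at(snap, m->off[i]) == value)
            m->off[kept++] = m->off[i];
    m->n = kept;
    return kept;
}

/* Constructed data: a 32-byte image observed three times. The tracked
   variable is at offset 12; offsets 4 and 24 match only by coincidence. */
size_t demo(size_t *n1, size_t *n2) {
    uint8_t snap[32] = {0};
    struct matches m;
    uint32_t v = 100, decoy = 100;
    memcpy(snap + 4, &decoy, 4); memcpy(snap + 12, &v, 4); memcpy(snap + 24, &decoy, 4);
    *n1 = first_scan(&m, snap, sizeof snap, 100);
    v = 95; decoy = 95;                       /* offset 4 keeps its old value */
    memcpy(snap + 12, &v, 4); memcpy(snap + 24, &decoy, 4);
    *n2 = next_scan(&m, snap, 95);
    v = 90; memcpy(snap + 12, &v, 4);         /* only the real variable changes */
    return next_scan(&m, snap, 90) == 1 ? m.off[0] : (size_t)-1;
}

int main(void) {
    size_t a, b, off = demo(&a, &b);
    printf("candidates: %zu -> %zu -> offset %zu\n", a, b, off);
    return 0;
}
```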

You can download scanmem at the link below:

http://freshmeat.net/projects/scanmem/
