def search_gadgets(self, gadgets):
    """Locate instruction sequences in the binary's executable sections.

    For every entry of *gadgets* the pattern at ``gad[INSTRUCTION_OP]`` is
    regex-searched in the executable section data; each match is then
    disassembled with Capstone once per ``depth`` in
    ``range(self.__options.depth)``, starting ``depth`` bytes before the
    match and ending ``gad[INSTRUCTION_SIZE]`` bytes after it.

    Args:
        gadgets: iterable of tuples/sequences indexed by ``INSTRUCTION_OP``
            (a regex pattern) and ``INSTRUCTION_SIZE`` (byte length of the
            matched instruction).

    Returns:
        list of dicts with keys ``"vaddr"`` (address of the first
        disassembled byte), ``"gadget"`` (``" ; "``-joined text of the
        decoded instructions) and ``"bytes"`` (the raw slice that was
        disassembled). Slices Capstone decodes to nothing are skipped.
    """
    # The binary is re-opened on every call; the options object decides
    # which file and how deep to look back from each match.
    binary = Binary(self.__options.binary)
    section = binary.get_exec_sections()
    # NOTE(review): match offsets are added to the entry point, so this
    # assumes get_exec_sections() starts at the entry point — confirm.
    vaddr = binary.get_entry_point()
    arch = binary.get_arch()
    mode = binary.get_arch_mode()
    ret = []
    md = Cs(arch, mode)
    for gad in gadgets:
        # Byte offsets (within section) of every occurrence of the pattern.
        all_ref_ret = [
            m.start() for m in re.finditer(gad[INSTRUCTION_OP], section)
        ]
        for ref in all_ref_ret:
            for depth in range(self.__options.depth):
                # NOTE(review): when ref < depth the slice start is
                # negative and Python wraps it to the end of section, so
                # "bytes" and "vaddr" would no longer correspond; a
                # `ref - depth < 0` guard is worth confirming here.
                decodes = md.disasm(
                    section[ref - depth:ref + gad[INSTRUCTION_SIZE]],
                    vaddr + ref - depth)
                gadget = ""
                for decode in decodes:
                    # NOTE(review): as printed the replace() pattern equals
                    # its replacement (a no-op); the source layout was
                    # collapsed, so this probably squeezed a double space —
                    # confirm against the original file.
                    gadget += (decode.mnemonic + " " + decode.op_str + " ; ").replace(" ", " ")
                if len(gadget) > 0:
                    # Drop the trailing " ; " separator before recording.
                    gadget = gadget[:-3]
                    ret += [{
                        "vaddr": vaddr + ref - depth,
                        "gadget": gadget,
                        "bytes": section[ref - depth:ref + gad[INSTRUCTION_SIZE]]
                    }]
    return ret
def get_operation(self, op):
    """Build a detail-enabled Capstone instance and parse *op*.

    Args:
        op: the operation expression handed to ``Parser``.

    Returns:
        tuple ``(md, operation, parser)``: the ``Cs`` disassembler created
        for the binary's arch/mode with ``detail`` switched on, the result
        of ``parser.get_operation()``, and the ``Parser`` itself.
    """
    target = Binary(self.__options.binary)
    op_parser = Parser(op)
    # Detail mode is required so callers can inspect operands/registers.
    disassembler = Cs(target.get_arch(), target.get_arch_mode())
    disassembler.detail = True
    parsed = op_parser.get_operation()
    return disassembler, parsed, op_parser