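class MyRopper:
    """Convenience wrapper around a ``RopperService`` that holds one binary.

    The service is created, the file is added and its gadgets are loaded in
    ``__init__``; the other methods only query that service.
    """

    def __init__(self, filename):
        """Create the service, add ``filename`` and load its gadgets.

        Args:
            filename: Path passed unchanged to ``RopperService.addFile``.
        """
        self.rs = RopperService()

        self.rs.clearCache()
        self.rs.addFile(filename)
        self.rs.loadGadgetsFor()

        # The option is changed after the first load, so the gadgets are
        # loaded again; the second reload is the author's workaround.
        self.rs.options.inst_count = 10
        self.rs.loadGadgetsFor()
        self.rs.loadGadgetsFor()  # sometimes Ropper doesn't update new gadgets

    def get_gadgets(self, regex):
        """Return all gadgets that match ``regex``.

        Args:
            regex: Expression handed to ``RopperService.search``.

        Returns:
            A non-empty list of the gadget objects the search yields.

        Raises:
            Exception: If the search yields no gadget.
        """
        # search() yields (file, gadget) pairs; only the gadget is kept.
        gadgets = [gadget for _, gadget in self.rs.search(search=regex)]
        if not gadgets:
            raise Exception("Cannot find gadgets!")
        return gadgets

    def contains_string(self, string):
        """Return True if ``string`` is found in a loaded file.

        Args:
            string: Value handed to ``RopperService.searchString``.

        Returns:
            True when any value of the result mapping is non-empty.
        """
        hits_by_file = self.rs.searchString(string)
        # An empty mapping means "not found"; indexing its first value
        # would raise IndexError instead of returning False.
        return any(len(hits) > 0 for hits in hits_by_file.values())

    def get_arch(self):
        """Return the architecture name of the first loaded file."""
        # NOTE(review): reads the private ``_name`` attribute of the arch
        # object; confirm whether Ropper offers a public accessor.
        return self.rs.files[0].arch._name

    @staticmethod
    def get_ra_offset(gadget):
        """Return the stack offset from which the gadget reloads ``$ra``.

        The first line of the gadget that matches wins.
        Eg:
            lw $ra, 0x1c($sp)   --> return: 0x1c

        Args:
            gadget: Object whose ``lines`` items carry the instruction text
                at index 1.

        Raises:
            Exception: If no line of the gadget loads ``$ra`` from ``$sp``.
        """
        for line in gadget.lines:
            # Raw string: "\$" and "\(" are invalid escapes in a normal
            # literal and trigger a warning on current Python versions.
            match = re.search(r"lw \$ra, (0x[0-9a-f]+)\(\$sp\)", line[1])
            if match:
                return int(match.group(1), 16)
        raise Exception("Cannot find $ra offset in this gadget!")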
Beispiel #2
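class MyRopper:
    """Wrap a ``RopperService`` instance that is bound to a single file."""

    def __init__(self, filename):
        """Set up the service for ``filename`` and load its gadgets.

        Args:
            filename: Path given to ``RopperService.addFile``.
        """
        self.rs = RopperService()

        self.rs.clearCache()
        self.rs.addFile(filename)
        self.rs.loadGadgetsFor()

        # inst_count is set after the initial load, hence the reloads.
        self.rs.options.inst_count = 10
        self.rs.loadGadgetsFor()
        self.rs.loadGadgetsFor()  # sometimes Ropper doesn't update new gadgets

    def get_gadgets(self, regex):
        """Collect the gadgets found by ``RopperService.search``.

        Args:
            regex: Search expression, passed as the ``search`` keyword.

        Returns:
            List of gadget objects; never empty.

        Raises:
            Exception: When nothing matches.
        """
        found = [g for _, g in self.rs.search(search=regex)]
        if found:
            return found
        raise Exception("Cannot find gadgets!")

    def contains_string(self, string):
        """Tell whether ``searchString`` reports a hit for ``string``.

        Returns:
            True if at least one value of the returned mapping has entries,
            False otherwise (including when the mapping is empty).
        """
        results = self.rs.searchString(string)
        # Checking every value avoids the IndexError that taking element 0
        # of an empty result raised.
        return any(len(hits) > 0 for hits in results.values())

    def get_arch(self):
        """Return ``arch._name`` of the first file known to the service."""
        # NOTE(review): ``_name`` is a private attribute; verify it is
        # stable across the Ropper versions in use.
        return self.rs.files[0].arch._name

    @staticmethod
    def get_ra_offset(gadget):
        """Return the offset at which the gadget loads ``$ra`` from ``$sp``.

        Eg:
            lw $ra, 0x1c($sp)   --> return: 0x1c

        Only lowercase hex offsets written directly before ``($sp)`` are
        recognised, because that is what the pattern matches.

        Args:
            gadget: Object with a ``lines`` sequence; index 1 of each item
                is the instruction text.

        Raises:
            Exception: If the gadget has no matching ``lw $ra`` line.
        """
        # Raw literal, so the backslashes reach ``re`` without relying on
        # Python passing invalid string escapes through.
        pattern = r"lw \$ra, (0x[0-9a-f]+)\(\$sp\)"
        for line in gadget.lines:
            hit = re.search(pattern, line[1])
            if hit:
                return int(hit.group(1), 16)
        raise Exception("Cannot find $ra offset in this gadget!")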
Beispiel #3
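    def get_ropper_service(self):
        """Build a ``RopperService`` with every entry of ``self.files`` loaded.

        Each entry is either a plain path or ``path:base``, where ``base``
        is the image base written as a hexadecimal string.

        Returns:
            The service, with gadgets loaded for each file.

        Raises:
            ValueError: If the part after the colon is not valid hex.
        """
        # not all options need to be given
        options = {
            "color": self.color,
            "badbytes": self.badbytes,
            "type": "rop",
        }

        rs = RopperService(options)

        for entry in self.files:
            if ":" in entry:
                # Split on the last colon only: a path that itself contains
                # ":" no longer fails to unpack. An entry with a colon but
                # no base is still read as path:base.
                path, base = entry.rsplit(":", 1)
            else:
                path, base = entry, None

            rs.addFile(path, arch=self.arch)
            rs.clearCache()
            if base is not None:
                rs.setImageBaseFor(name=path, imagebase=int(base, 16))

            rs.loadGadgetsFor(path)

        return rs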
Beispiel #4
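class MyRopper:
    """Helper that owns a ``RopperService`` loaded with one file."""

    def __init__(self, filename):
        """Add ``filename`` to a new service and load its gadgets.

        Args:
            filename: Path forwarded to ``RopperService.addFile``.
        """
        self.rs = RopperService()
        self.rs.clearCache()
        self.rs.addFile(filename)
        self.rs.loadGadgetsFor()
        # Gadgets are reloaded after inst_count changes. The code gives no
        # reason for the second reload; it is kept as written.
        self.rs.options.inst_count = 10
        self.rs.loadGadgetsFor()
        self.rs.loadGadgetsFor()

    def get_gadgets(self, regex):
        """Return the gadgets that ``RopperService.search`` finds.

        Args:
            regex: Expression passed as the ``search`` keyword.

        Returns:
            A list with at least one gadget object.

        Raises:
            Exception: If the search produces no result.
        """
        matches = [gadget for _, gadget in self.rs.search(search=regex)]
        if not matches:
            raise Exception("[-] Cannot find gadgets!")
        return matches

    def contains_string(self, string):
        """Return whether ``searchString`` finds ``string``.

        Returns:
            True if any value in the result mapping is non-empty; False
            when there are no hits or the mapping itself is empty.
        """
        found = self.rs.searchString(string)
        # Taking the first value of an empty mapping raised IndexError;
        # any() treats that case as "not found".
        return any(len(hits) > 0 for hits in found.values())

    def get_arch(self):
        """Return the ``_name`` of the first loaded file's architecture."""
        # NOTE(review): private attribute access; confirm it is supported.
        return self.rs.files[0].arch._name

    @staticmethod
    def get_ra_offset(gadget):
        """Return the ``$sp`` offset used by the gadget's ``lw $ra`` line.

        Lines are checked in order and the first match is returned, for
        example ``lw $ra, 0x1c($sp)`` gives ``0x1c``.

        Args:
            gadget: Object exposing ``lines``; each item holds the
                instruction text at index 1.

        Raises:
            Exception: If no line matches.
        """
        for line in gadget.lines:
            # Raw string keeps "\$" and "\(" as regex escapes instead of
            # invalid string escapes that Python warns about.
            found = re.search(r"lw \$ra, (0x[0-9a-f]+)\(\$sp\)", line[1])
            if found:
                return int(found.group(1), 16)

        raise Exception("[-] Cannot find $ra offset in this gadget!")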