Example #1
    def test_badbytes(self):
        """Exercise ropper.filterBadBytes on real search results.

        For each search type (generic gadgets, POP;POP;RET, JMP reg) the
        first surviving gadget must not sit at the address the bad-byte
        string is expected to exclude. Afterwards two malformed bad-byte
        strings (odd length, non-hex characters) must raise RopperError.
        """
        searcher = Ropper()

        # (search, bad-byte string, address that must not be first afterwards)
        cases = [
            (lambda: searcher.searchGadgets(self.file), "adfd", 0x1ADFD),
            (lambda: searcher.searchPopPopRet(self.file), "52f8", 0x52F8),
            (lambda: searcher.searchJmpReg(self.file, ["rsp"]), "b1c7", 0xB1C7),
        ]
        survivors = None
        for search, badbytes, excluded in cases:
            survivors = ropper.filterBadBytes(search(), badbytes)
            self.assertNotEqual(survivors[0].lines[0][0], excluded)

        # Odd number of hex digits and non-hex input are both rejected;
        # the JMP-reg result list from the last iteration is reused as input.
        for malformed in ("b1c", "qwer"):
            with self.assertRaises(RopperError):
                ropper.filterBadBytes(survivors, malformed)
Example #2
    def test_badbytes(self):
        """Check bad-byte filtering of gadget, POP;POP;RET and JMP-reg results.

        After filtering, the first remaining gadget must not be at the
        address associated with the bad-byte string. Malformed bad-byte
        strings must raise RopperError.
        """
        searcher = Ropper()

        def first_address(found):
            # Address of the first gadget in a search result list.
            return found[0].lines[0][0]

        def filtered(found, badbytes):
            return ropper.filterBadBytes(found, badbytes)

        plain = filtered(searcher.searchGadgets(self.file), 'adfd')
        self.assertNotEqual(first_address(plain), 0x1adfd)

        pprs = filtered(searcher.searchPopPopRet(self.file), '52f8')
        self.assertNotEqual(first_address(pprs), 0x52f8)

        jumps = filtered(searcher.searchJmpReg(self.file, ['rsp']), 'b1c7')
        self.assertNotEqual(first_address(jumps), 0xb1c7)

        # Odd-length hex string.
        with self.assertRaises(RopperError):
            filtered(jumps, 'b1c')

        # Non-hex characters.
        with self.assertRaises(RopperError):
            filtered(jumps, 'qwer')
Example #3
    def test_badbytes(self):
        """Verify filterBadBytes on three search kinds and on invalid input.

        Each filtered result's first gadget must differ from the address
        paired with the bad-byte string; 'b1c' (odd length) and 'qwer'
        (non-hex) must raise RopperError.
        """
        searcher = Ropper()
        address_of = lambda found: found[0].lines[0][0]

        expectations = (
            ('adfd', 0x1adfd, searcher.searchGadgets(self.file)),
            ('52f8', 0x52f8, searcher.searchPopPopRet(self.file)),
            ('b1c7', 0xb1c7, searcher.searchJmpReg(self.file, ['rsp'])),
        )
        remaining = None
        for badbytes, excluded, found in expectations:
            remaining = ropper.filterBadBytes(found, badbytes)
            self.assertNotEqual(address_of(remaining), excluded)

        for bad_input in ('b1c', 'qwer'):
            with self.assertRaises(RopperError):
                ropper.filterBadBytes(remaining, bad_input)
Example #4
 def optionChanged(self, option, old, new):
     """Rebuild the cached gadget lists when 'all' or 'badbytes' changes.

     For every loaded binary the raw gadget list is re-filtered against the
     current badbytes option (used unfiltered when no bad bytes are set)
     and, unless the 'all' option is set, duplicates are removed. `old` and
     `new` belong to the callback signature but are not read; the current
     values come from self.__options.
     """
     if option not in ('all', 'badbytes'):
         return

     options = self.__options
     for binary in self.__binaries:
         if not binary.loaded:
             continue
         rebuilt = binary.gadgets
         if options.badbytes:
             rebuilt = ropper.filterBadBytes(rebuilt, options.badbytes)
         if not options.all:
             rebuilt = ropper.deleteDuplicates(rebuilt)
         self.__gadgets[binary] = rebuilt
Example #5
 def optionChanged(self, option, old, new):
     """Refresh self.__gadgets after an 'all' or 'badbytes' option change.

     Other options are ignored. Only loaded binaries are touched: their raw
     gadgets are bad-byte filtered when a badbytes value is set, then
     de-duplicated unless 'all' is requested. `old`/`new` are unused; the
     effective values are read from self.__options.
     """
     if option in ('all', 'badbytes'):
         loaded = (b for b in self.__binaries if b.loaded)
         for binary in loaded:
             self.__gadgets[binary] = self.__rebuildFor(binary)

 def __rebuildFor(self, binary):
     """Return the filtered/de-duplicated gadget list for one loaded binary."""
     badbytes = self.__options.badbytes
     result = ropper.filterBadBytes(binary.gadgets, badbytes) if badbytes else binary.gadgets
     if not self.__options.all:
         result = ropper.deleteDuplicates(result)
     return result
Example #6
    def __searchGadgets(self, binary):
        """Search `binary` for gadgets and cache the filtered result.

        The raw search result is stored on the binary (which is marked
        loaded); the list cached in self.__gadgets has bad bytes filtered
        out and, unless the 'all' option is set, duplicates removed.

        Returns the cached, filtered gadget list for `binary`.
        """
        options = self.__options
        searcher = Ropper(self.__cprinter)
        raw = searcher.searchGadgets(
            binary,
            depth=options.depth,
            gtype=GadgetType[options.type.upper()],
        )
        binary.loaded = True
        binary.gadgets = raw

        cached = ropper.filterBadBytes(raw, options.badbytes)
        if not options.all:
            cached = ropper.deleteDuplicates(cached)
        self.__gadgets[binary] = cached
        return cached
Example #7
    def __printGadgets(self, gadgets, category=None, header='Gadgets', detailed=False):
        """Print a table of `gadgets` after bad-byte filtering.

        When `category` is given, only gadgets whose first category entry
        equals it are printed. `header` is the table title and `detailed`
        is passed through to __printGadget. A count of printed gadgets is
        written at the end.
        """
        printable = ropper.filterBadBytes(gadgets, self.__options.badbytes)
        self.binary.printer.printTableHeader(header)

        shown = 0
        for gadget in printable:
            # Skip gadgets outside the requested category, if one was given.
            if category and category != gadget.category[0]:
                continue
            self.__printGadget(gadget, detailed=detailed)
            shown += 1

        self.__cprinter.println('\n%d gadgets found' % shown)
Example #8
    def __searchGadgets(self, binary):
        """Run a gadget search on `binary` and cache the filtered list.

        Raw results are stored on the binary, which is marked loaded. The
        cached copy in self.__gadgets is bad-byte filtered and, unless the
        'all' option is set, de-duplicated (with progress reported through
        self.__printProgress).

        Returns the cached gadget list for `binary`.
        """
        options = self.__options
        raw = Ropper(self.__cprinter).searchGadgets(
            binary,
            instructionCount=options.inst_count,
            gtype=GadgetType[options.type.upper()],
        )
        binary.loaded = True
        binary.gadgets = raw

        cached = ropper.filterBadBytes(raw, options.badbytes)
        if not options.all:
            self.__cprinter.printInfo('deleting double gadgets...')
            cached = ropper.deleteDuplicates(cached, self.__printProgress)
        self.__gadgets[binary] = cached
        return cached
Example #9
    def __searchGadgets(self, binary):
        """Search `binary` for gadgets, store them, and return the filtered list.

        The search reports through self.__searchGadgetCallback. The raw
        result is kept on the binary; the value cached in self.__gadgets has
        bad bytes removed and, unless 'all' is set, duplicates dropped.
        """
        options = self.__options
        searcher = Ropper(self.__searchGadgetCallback)
        gadget_type = GadgetType[options.type.upper()]
        found = searcher.searchGadgets(binary, instructionCount=options.inst_count, gtype=gadget_type)

        binary.loaded = True
        binary.gadgets = found

        result = ropper.filterBadBytes(found, options.badbytes)
        if not options.all:
            self.__cprinter.printInfo('deleting double gadgets...')
            result = ropper.deleteDuplicates(result, self.__printProgress)

        self.__gadgets[binary] = result
        return result
Example #10
    def __printGadgets(self, gadgets, category=None, header='Gadgets', detailed=False):
        """Filter `gadgets` by bad bytes, print them under `header`, then a count.

        Only gadgets whose first category entry matches `category` are
        printed when a category is given; `detailed` is forwarded to
        __printGadget.
        """
        self.binary.printer.printTableHeader(header)

        def wanted(gadget):
            return not category or category == gadget.category[0]

        printed = 0
        for gadget in filter(wanted, ropper.filterBadBytes(gadgets, self.__options.badbytes)):
            self.__printGadget(gadget, detailed=detailed)
            printed += 1

        self.__cprinter.println('\n%d gadgets found' % printed)
Example #11
    def __loaddb(self, dbpath):
        """Load the current binary's gadgets from the gadget database at `dbpath`.

        A missing '.db' suffix is appended; the path is otherwise used as
        given. Raises RopperError when the file does not exist. The loaded
        gadgets are stored on the binary (marked loaded) and the cached list
        is built by bad-byte filtering followed by duplicate removal.
        """
        path = dbpath if dbpath.endswith('.db') else dbpath + '.db'
        if not os.path.exists(path):
            raise RopperError('db does not exist: ' + path)

        self.binary.gadgets = GadgetDAO(path, self.__cprinter).load(self.binary)
        self.binary.loaded = True

        filtered = ropper.filterBadBytes(self.binary.gadgets, self.__options.badbytes)
        self.__gadgets[self.binary] = ropper.deleteDuplicates(filtered)
Example #12
    def __loaddb(self, dbpath):
        """Populate the current binary's gadgets from a '.db' file.

        `dbpath` gets a '.db' suffix if it lacks one. Raises RopperError if
        the resulting path does not exist. Loaded gadgets are stored on the
        binary, which is marked loaded; the cached list is bad-byte filtered
        and de-duplicated.

        NOTE(review): filterBadBytes is called here without the configured
        badbytes option — confirm this version applies it some other way.
        """
        path = dbpath
        if not path.endswith('.db'):
            path += '.db'
        if not os.path.exists(path):
            raise RopperError('db does not exist: ' + path)

        dao = GadgetDAO(path, self.__cprinter)
        self.binary.gadgets = dao.load(self.binary)
        self.binary.loaded = True

        unique = ropper.deleteDuplicates(ropper.filterBadBytes(self.binary.gadgets))
        self.__gadgets[self.binary] = unique
Example #13
    def __loaddb(self, dbpath):
        """Load gadgets for the current binary from the database file `dbpath`.

        A '.db' suffix is appended when missing. Raises RopperError if the
        file does not exist. The binary receives the loaded gadgets and is
        marked loaded. The cached list is the raw list when the 'all'
        option is set; otherwise it is bad-byte filtered and de-duplicated
        with progress reported via self.__printProgress.
        """
        path = dbpath if dbpath.endswith('.db') else dbpath + '.db'
        if not os.path.exists(path):
            raise RopperError('db does not exist: ' + path)

        loaded = GadgetDAO(path, self.__cprinter).load(self.binary)
        self.binary.gadgets = loaded
        self.binary.loaded = True

        if self.__options.all:
            cached = self.binary.gadgets
        else:
            filtered = ropper.filterBadBytes(self.binary.gadgets, self.__options.badbytes)
            cached = ropper.deleteDuplicates(filtered, self.__printProgress)
        self.__gadgets[self.binary] = cached
Example #14
    def __searchGadgets(self, binary):
        """Search `binary` for gadgets of the configured type and depth.

        The raw result is stored on the binary and the binary marked loaded.
        The list cached in self.__gadgets is bad-byte filtered and, unless
        the 'all' option is set, de-duplicated.

        Returns the cached, filtered gadget list.
        """
        options = self.__options
        found = Ropper(self.__cprinter).searchGadgets(
            binary, depth=options.depth, gtype=GadgetType[options.type.upper()])

        binary.loaded = True
        binary.gadgets = found

        cached = ropper.filterBadBytes(found, options.badbytes)
        if not options.all:
            cached = ropper.deleteDuplicates(cached)
        self.__gadgets[binary] = cached

        return cached
Example #15
    def __searchGadgets(self, binary):
        """Search `binary` for gadgets, optionally CFG-filter, and cache the result.

        When the 'cfg_only' option is set and `binary` is a PE whose optional
        header has the CONTROL_FLOW_GUARD characteristic, the raw gadgets are
        first passed through ropper.cfgFilterGadgets. The (possibly CFG
        filtered) list is stored on the binary; the cached list in
        self.__gadgets is additionally bad-byte filtered and, unless 'all' is
        set, de-duplicated.

        Returns the cached gadget list for `binary`.
        """
        options = self.__options
        searcher = Ropper(self.__searchGadgetCallback)
        found = searcher.searchGadgets(
            binary,
            instructionCount=options.inst_count,
            gtype=GadgetType[options.type.upper()],
        )
        binary.loaded = True

        if options.cfg_only and isinstance(binary, PE):
            opt_header = binary._binary.imageNtHeaders.header.OptionalHeader
            cfg_flag = ImageDllCharacteristics.CONTROL_FLOW_GUARD
            # Only filter when the image actually declares CFG; the flag test
            # masks first, then compares ((chars & flag) == flag).
            if (opt_header.DllCharacteristics & cfg_flag) == cfg_flag:
                self.__cprinter.printInfo('deleting CFG invalid gadgets...')
                found = ropper.cfgFilterGadgets(found, callback=self.__printCfgFilterProgress)

        binary.gadgets = found
        cached = ropper.filterBadBytes(found, options.badbytes)
        if not options.all:
            self.__cprinter.printInfo('deleting double gadgets...')
            cached = ropper.deleteDuplicates(cached, self.__printProgress)
        self.__gadgets[binary] = cached

        return cached
Example #16
 def __searchPopPopRet(self):
     """Search the current binary for POP;POP;RET sequences and print them.

     Results are bad-byte filtered with the badbytes option before being
     handed to __printGadgets.
     """
     found = Ropper(self.__cprinter).searchPopPopRet(self.binary)
     self.__printGadgets(
         ropper.filterBadBytes(found, self.__options.badbytes),
         header='POP;POP;RET Instructions',
     )
Example #17
 def __searchJmpReg(self, regs):
     """Search the current binary for JMP <reg> gadgets and print them.

     `regs` is a comma-separated string; it is split on ',' exactly as given
     (no whitespace trimming). Results are bad-byte filtered before printing.
     """
     wanted = regs.split(',')
     found = Ropper().searchJmpReg(self.binary, wanted)
     self.__printGadgets(
         ropper.filterBadBytes(found, self.__options.badbytes),
         header='JMP Instructions',
     )
Example #18
 def __searchPopPopRet(self):
     """Find POP;POP;RET sequences in the current binary and print them.

     The search reports via self.__searchGadgetCallback; the result list is
     bad-byte filtered before printing.
     """
     searcher = Ropper(self.__searchGadgetCallback)
     sequences = ropper.filterBadBytes(searcher.searchPopPopRet(self.binary), self.__options.badbytes)
     self.__printGadgets(sequences, header='POP;POP;RET Instructions')
Example #19
 def __searchJmpReg(self, regs):
     """Print JMP <reg> gadgets of the current binary for the given registers.

     `regs` is split on ',' as-is (entries are not stripped of whitespace).
     The results are bad-byte filtered before printing.
     """
     searcher = Ropper()
     names = regs.split(',')
     jumps = ropper.filterBadBytes(searcher.searchJmpReg(self.binary, names), self.__options.badbytes)
     self.__printGadgets(jumps, header='JMP Instructions')