def test_badbytes(self):
    """Exercise ropper.filterBadBytes on three gadget searches.

    For each search the filtered list's first gadget is checked against
    one address known to contain the excluded bytes; only that first
    gadget is inspected. A 3-character string and a non-hex string must
    both raise RopperError.
    """
    searcher = Ropper()

    # Generic gadget search, excluding bytes "adfd".
    found = ropper.filterBadBytes(searcher.searchGadgets(self.file), "adfd")
    self.assertNotEqual(found[0].lines[0][0], 0x1ADFD)

    # POP;POP;RET search, excluding bytes "52f8".
    found = ropper.filterBadBytes(searcher.searchPopPopRet(self.file), "52f8")
    self.assertNotEqual(found[0].lines[0][0], 0x52F8)

    # JMP-register search on rsp, excluding bytes "b1c7".
    found = ropper.filterBadBytes(searcher.searchJmpReg(self.file, ["rsp"]), "b1c7")
    self.assertNotEqual(found[0].lines[0][0], 0xB1C7)

    # Odd-length hex string is rejected.
    with self.assertRaises(RopperError):
        ropper.filterBadBytes(found, "b1c")

    # Non-hex characters are rejected.
    with self.assertRaises(RopperError):
        ropper.filterBadBytes(found, "qwer")
def test_badbytes(self):
    """Exercise ropper.filterBadBytes on three gadget searches.

    Each case runs a search, filters it and checks that the first
    surviving gadget does not sit at an address that contains the
    excluded bytes. Afterwards a 3-character string and a non-hex
    string are passed in and must raise RopperError.
    """
    r = Ropper()
    cases = [
        (lambda: r.searchGadgets(self.file), 'adfd', 0x1adfd),
        (lambda: r.searchPopPopRet(self.file), '52f8', 0x52f8),
        (lambda: r.searchJmpReg(self.file, ['rsp']), 'b1c7', 0xb1c7),
    ]
    gadgets = []
    for search, badbytes, address in cases:
        gadgets = ropper.filterBadBytes(search(), badbytes)
        # Only the first surviving gadget is inspected.
        self.assertNotEqual(gadgets[0].lines[0][0], address)

    # Malformed bad-byte strings: odd length, then non-hex characters.
    for malformed in ('b1c', 'qwer'):
        with self.assertRaises(RopperError):
            ropper.filterBadBytes(gadgets, malformed)
def optionChanged(self, option, old, new):
    """Rebuild the cached gadget lists after an option changed.

    Only 'all' and 'badbytes' are handled; any other option returns
    immediately. For every loaded binary the cache is rebuilt from
    binary.gadgets: bad-byte filtered when option 'badbytes' is set,
    and deduplicated unless option 'all' is set.
    """
    if option not in ('all', 'badbytes'):
        return
    for binary in self.__binaries:
        if not binary.loaded:
            continue
        badbytes = self.__options.badbytes
        rebuilt = binary.gadgets
        if badbytes:
            rebuilt = ropper.filterBadBytes(binary.gadgets, badbytes)
        self.__gadgets[binary] = rebuilt
        if not self.__options.all:
            self.__gadgets[binary] = ropper.deleteDuplicates(rebuilt)
def __searchGadgets(self, binary):
    """Search gadgets in *binary* and cache the filtered result.

    Depth and gadget type are taken from the options. The binary keeps
    the raw list in binary.gadgets and is marked loaded; the cache holds
    the bad-byte filtered list, deduplicated unless option 'all' is set.
    Returns the cached list.
    """
    opts = self.__options
    searcher = Ropper(self.__cprinter)
    raw = searcher.searchGadgets(
        binary,
        depth=opts.depth,
        gtype=GadgetType[opts.type.upper()],
    )
    binary.loaded = True
    binary.gadgets = raw
    cache = self.__gadgets
    cache[binary] = ropper.filterBadBytes(raw, opts.badbytes)
    if not opts.all:
        cache[binary] = ropper.deleteDuplicates(cache[binary])
    return cache[binary]
def __printGadgets(self, gadgets, category=None, header='Gadgets', detailed=False):
    """Print *gadgets* under *header* followed by a count line.

    The list is bad-byte filtered with option 'badbytes' first. When
    *category* is given, only gadgets whose category[0] equals it are
    printed and counted.
    """
    shown = ropper.filterBadBytes(gadgets, self.__options.badbytes)
    self.binary.printer.printTableHeader(header)
    printed = 0
    for gadget in shown:
        if category and category != gadget.category[0]:
            continue
        self.__printGadget(gadget, detailed=detailed)
        printed += 1
    self.__cprinter.println('\n%d gadgets found' % printed)
def __searchGadgets(self, binary):
    """Search gadgets in *binary* and cache the filtered result.

    Instruction count and gadget type come from the options. The binary
    keeps the raw list and is marked loaded; the cache holds the
    bad-byte filtered list, deduplicated (with progress reporting)
    unless option 'all' is set. Returns the cached list.
    """
    opts = self.__options
    found = Ropper(self.__cprinter).searchGadgets(
        binary,
        instructionCount=opts.inst_count,
        gtype=GadgetType[opts.type.upper()],
    )
    binary.loaded = True
    binary.gadgets = found
    cache = self.__gadgets
    cache[binary] = ropper.filterBadBytes(found, opts.badbytes)
    if not opts.all:
        self.__cprinter.printInfo('deleting double gadgets...')
        cache[binary] = ropper.deleteDuplicates(cache[binary], self.__printProgress)
    return cache[binary]
def __searchGadgets(self, binary):
    """Search gadgets in *binary* and cache the filtered result.

    The Ropper instance reports through self.__searchGadgetCallback.
    Instruction count and gadget type come from the options. The binary
    keeps the raw list and is marked loaded; the cache holds the
    bad-byte filtered list, deduplicated (with progress reporting)
    unless option 'all' is set. Returns the cached list.
    """
    opts = self.__options
    searcher = Ropper(self.__searchGadgetCallback)
    found = searcher.searchGadgets(
        binary,
        instructionCount=opts.inst_count,
        gtype=GadgetType[opts.type.upper()],
    )
    binary.loaded = True
    binary.gadgets = found
    filtered = ropper.filterBadBytes(found, opts.badbytes)
    self.__gadgets[binary] = filtered
    if not opts.all:
        self.__cprinter.printInfo('deleting double gadgets...')
        filtered = ropper.deleteDuplicates(filtered, self.__printProgress)
        self.__gadgets[binary] = filtered
    return filtered
def __loaddb(self, dbpath):
    """Load the current binary's gadgets from the database at *dbpath*.

    A missing '.db' suffix is appended. Raises RopperError when the
    file does not exist. The loaded gadgets become binary.gadgets, the
    binary is marked loaded, and the cache receives the bad-byte
    filtered, deduplicated list.
    """
    path = dbpath if dbpath.endswith('.db') else dbpath + '.db'
    if not os.path.exists(path):
        raise RopperError('db does not exist: ' + path)
    binary = self.binary
    binary.gadgets = GadgetDAO(path, self.__cprinter).load(binary)
    binary.loaded = True
    filtered = ropper.filterBadBytes(binary.gadgets, self.__options.badbytes)
    self.__gadgets[binary] = ropper.deleteDuplicates(filtered)
def __loaddb(self, dbpath):
    """Load the current binary's gadgets from the database at *dbpath*.

    A missing '.db' suffix is appended. Raises RopperError when the
    file does not exist. The loaded gadgets become binary.gadgets, the
    binary is marked loaded, and the cache receives the list after
    filterBadBytes (called without explicit bad bytes here) and
    deleteDuplicates.
    """
    path = dbpath if dbpath.endswith('.db') else dbpath + '.db'
    if not os.path.exists(path):
        raise RopperError('db does not exist: ' + path)
    binary = self.binary
    binary.gadgets = GadgetDAO(path, self.__cprinter).load(binary)
    binary.loaded = True
    filtered = ropper.filterBadBytes(binary.gadgets)
    self.__gadgets[binary] = ropper.deleteDuplicates(filtered)
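def __loaddb(self, dbpath):
    """Load the current binary's gadgets from the database at *dbpath*.

    A missing '.db' suffix is appended. Raises RopperError when the
    file does not exist. The loaded gadgets become binary.gadgets and
    the binary is marked loaded. The cache always receives the bad-byte
    filtered list (option 'badbytes'); unless option 'all' is set it is
    additionally deduplicated with progress reporting.
    """
    if not dbpath.endswith('.db'):
        dbpath = dbpath + '.db'
    if not os.path.exists(dbpath):
        raise RopperError('db does not exist: ' + dbpath)
    dao = GadgetDAO(dbpath, self.__cprinter)
    self.binary.gadgets = dao.load(self.binary)
    self.binary.loaded = True
    # Bad-byte filtering is applied regardless of 'all'; 'all' only
    # decides whether duplicates are kept. Previously the 'all' branch
    # stored the raw list and so bypassed the badbytes option entirely.
    gadgets = ropper.filterBadBytes(self.binary.gadgets, self.__options.badbytes)
    if not self.__options.all:
        gadgets = ropper.deleteDuplicates(gadgets, self.__printProgress)
    self.__gadgets[self.binary] = gadgets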
def __searchGadgets(self, binary):
    """Search gadgets in *binary* and cache the filtered result.

    Depth and gadget type are taken from the options. The binary keeps
    the raw list in binary.gadgets and is marked loaded; the cache holds
    the bad-byte filtered list, deduplicated unless option 'all' is set.
    Returns the cached list.
    """
    opts = self.__options
    searcher = Ropper(self.__cprinter)
    raw = searcher.searchGadgets(
        binary,
        depth=opts.depth,
        gtype=GadgetType[opts.type.upper()],
    )
    binary.loaded = True
    binary.gadgets = raw
    filtered = ropper.filterBadBytes(raw, opts.badbytes)
    self.__gadgets[binary] = filtered
    if not opts.all:
        filtered = ropper.deleteDuplicates(filtered)
        self.__gadgets[binary] = filtered
    return filtered
def __searchGadgets(self, binary):
    """Search gadgets in *binary* and cache the filtered result.

    Instruction count and gadget type come from the options. When option
    'cfg_only' is set and *binary* is a PE whose optional header has the
    CONTROL_FLOW_GUARD DllCharacteristics flag, the raw list first goes
    through ropper.cfgFilterGadgets. The binary keeps the resulting list
    and is marked loaded; the cache holds the bad-byte filtered list,
    deduplicated (with progress reporting) unless option 'all' is set.
    Returns the cached list.
    """
    opts = self.__options
    searcher = Ropper(self.__searchGadgetCallback)
    found = searcher.searchGadgets(
        binary,
        instructionCount=opts.inst_count,
        gtype=GadgetType[opts.type.upper()],
    )
    binary.loaded = True

    if opts.cfg_only and isinstance(binary, PE):
        header = binary._binary.imageNtHeaders.header.OptionalHeader
        cfg_flag = ImageDllCharacteristics.CONTROL_FLOW_GUARD
        # Python evaluates `&` before `==`, so the parentheses only make
        # the original comparison explicit.
        if (header.DllCharacteristics & cfg_flag) == cfg_flag:
            self.__cprinter.printInfo('deleting CFG invalid gadgets...')
            found = ropper.cfgFilterGadgets(
                found, callback=self.__printCfgFilterProgress
            )

    binary.gadgets = found
    filtered = ropper.filterBadBytes(found, opts.badbytes)
    self.__gadgets[binary] = filtered
    if not opts.all:
        self.__cprinter.printInfo('deleting double gadgets...')
        filtered = ropper.deleteDuplicates(filtered, self.__printProgress)
        self.__gadgets[binary] = filtered
    return filtered
def __searchPopPopRet(self):
    """Search POP;POP;RET sequences in the current binary and print them.

    The result is bad-byte filtered with option 'badbytes' before
    printing.
    """
    found = Ropper(self.__cprinter).searchPopPopRet(self.binary)
    filtered = ropper.filterBadBytes(found, self.__options.badbytes)
    self.__printGadgets(filtered, header='POP;POP;RET Instructions')
def __searchJmpReg(self, regs):
    """Search JMP-register gadgets for the registers in *regs* and print them.

    *regs* is a comma-separated string; it is split as-is (no whitespace
    trimming). The result is bad-byte filtered with option 'badbytes'
    before printing.
    """
    register_names = regs.split(',')
    found = Ropper().searchJmpReg(self.binary, register_names)
    filtered = ropper.filterBadBytes(found, self.__options.badbytes)
    self.__printGadgets(filtered, header='JMP Instructions')
def __searchPopPopRet(self):
    """Search POP;POP;RET sequences in the current binary and print them.

    The Ropper instance reports through self.__searchGadgetCallback. The
    result is bad-byte filtered with option 'badbytes' before printing.
    """
    searcher = Ropper(self.__searchGadgetCallback)
    found = searcher.searchPopPopRet(self.binary)
    filtered = ropper.filterBadBytes(found, self.__options.badbytes)
    self.__printGadgets(filtered, header='POP;POP;RET Instructions')