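def _createJmp(self, reg='esp'):
    """Return the printed form of the first ``jmp <reg>`` gadget in the binary.

    Every executable section of ``self._binary`` is scanned with a
    :class:`Ropper` built for the binary's architecture.

    Args:
        reg: register name to search for.  Defaults to ``'esp'``; the
            argument is honoured for every call (the search previously
            ignored it and always looked for ``esp``).

    Returns:
        ``self._printRopInstruction`` applied to the first match, or ``''``
        when no section yields a gadget.
    """
    ropper = Ropper(self._binary.arch)
    found = []
    for section in self._binary.executableSections:
        # Third positional argument is the base address handed to the
        # search (the section's virtual address here).
        found.extend(
            ropper.searchJmpReg(section.bytes, reg, section.virtualAddress))
    if not found:
        return ''
    return self._printRopInstruction(found[0])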
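def _searchOpcode(self, opcode):
    """Return the first gadget whose bytes match a hex-encoded opcode string.

    Args:
        opcode: the opcode bytes as a hexadecimal string.

    Returns:
        The first matching gadget found in the executable sections of the
        first loaded binary.

    Raises:
        RopChainError: when no executable section contains the opcode.
    """
    # Local import: ``str.decode('hex')`` exists only on Python 2, while
    # binascii.unhexlify accepts a hex string on both 2 and 3.
    from binascii import unhexlify

    binary = self._binaries[0]
    ropper = Ropper(binary)
    raw = unhexlify(opcode)
    found = []
    for section in binary.executableSections:
        found.extend(ropper.searchOpcode(
            section.bytes, raw, section.offset, True, section=section))
    if found:
        return found[0]
    # ``%x`` needs an int; ``opcode`` is a string, so the old ``%x`` format
    # raised TypeError here instead of the intended RopChainError.
    raise RopChainError('Cannot create gadget for opcode: %s' % opcode)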
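def __searchGadgets(self):
    """Collect ROP gadgets from every executable section of the binary.

    Returns:
        dict mapping each section object to the gadgets that
        ``Ropper.searchRopGadgets`` found in it.
    """
    ropper = Ropper(self.__binary.arch)
    # Option ``I`` (presumably a manually supplied image base) rebases each
    # section on ``I + file offset``; otherwise the file's own address is used.
    manual_base = self.__options.I
    # Loop-invariant option decoding, hoisted out of the section loop.
    bad = unhexlify(self.__options.badbytes)
    gtype = GadgetType[self.__options.type.upper()]
    depth = self.__options.depth
    gadgets = {}
    for section in self.__binary.executableSections:
        if manual_base is not None:
            vaddr = manual_base + section.offset
        else:
            vaddr = section.virtualAddress
        gadgets[section] = ropper.searchRopGadgets(
            section.bytes, section.offset, vaddr,
            badbytes=bad, depth=depth, gtype=gtype)
    return gadgets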
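def __searchPopPopRet(self):
    """Print every pop/pop/ret gadget found in the binary's executable sections.

    Each gadget is searched at base ``0x0`` and then rebased by assigning its
    ``imageBase`` before it is handed to ``self.__printGadget``.
    """
    ropper = Ropper(self.__binary.arch)
    self.__printer.printTableHeader('POP;POP;REG Instructions')
    # Option ``I`` (presumably a manual image base) overrides the section's
    # recorded virtual address; decode badbytes once rather than per section.
    manual_base = self.__options.I
    bad = unhexlify(self.__options.badbytes)
    for section in self.__binary.executableSections:
        if manual_base is not None:
            vaddr = manual_base + section.offset
        else:
            vaddr = section.virtualAddress
        for ppr in ropper.searchPopPopRet(section.bytes, 0x0, badbytes=bad):
            ppr.imageBase = vaddr
            self.__printGadget(ppr)
    print('')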
def _createJmp(self, reg='esp'):
    """Return the first ``jmp <reg>`` gadget of the first binary, recording its origin.

    The ``(binary, section)`` pair of the chosen gadget is appended to
    ``self._usedBinaries`` unless it is already present.

    Args:
        reg: register name to search for; defaults to ``'esp'``.

    Returns:
        The first matching gadget, or ``''`` when nothing is found.
    """
    binary = self._binaries[0]
    ropper = Ropper(binary)
    matches = []
    for section in binary.executableSections:
        # NOTE(review): the search base is section.offset, not the
        # section's virtual address — presumably intentional; confirm with callers.
        matches.extend(ropper.searchJmpReg(
            section.bytes, reg, section.offset, section=section))
    if not matches:
        return ''
    first = matches[0]
    origin = (first._binary, first._section)
    if origin not in self._usedBinaries:
        self._usedBinaries.append(origin)
    return first
def _createJmp(self, reg='esp'):
    """Print the first ``jmp <reg>`` gadget of the first binary and record its origin.

    The ``(binary, section)`` pair of the chosen gadget is appended to
    ``self._usedBinaries`` unless it is already present.

    Args:
        reg: register name to search for; defaults to ``'esp'``.

    Returns:
        ``self._printRopInstruction`` applied to the first match, or
        ``None`` when nothing is found.
    """
    binary = self._binaries[0]
    ropper = Ropper(binary)
    matches = []
    for section in binary.executableSections:
        matches.extend(ropper.searchJmpReg(
            section.bytes, reg, section.virtualAddress, section=section))
    if not matches:
        return None
    first = matches[0]
    origin = (first._binary, first._section)
    if origin not in self._usedBinaries:
        self._usedBinaries.append(origin)
    return self._printRopInstruction(first)
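def __searchGadgets(self, binary):
    """Collect ROP gadgets from every executable section of ``binary``.

    Args:
        binary: the loaded binary whose sections are scanned.

    Returns:
        dict mapping each section object to the gadgets that
        ``Ropper.searchRopGadgets`` found in it.
    """
    ropper = Ropper(binary)
    # NOTE(review): the manual image base is read from self.binary rather
    # than from the ``binary`` argument — confirm this is intended when the
    # two differ.
    manual_base = self.binary.manualImagebase
    # Loop-invariant option decoding, hoisted out of the section loop.
    bad = unhexlify(self.__options.badbytes)
    gtype = GadgetType[self.__options.type.upper()]
    depth = self.__options.depth
    gadgets = {}
    for section in binary.executableSections:
        if manual_base is not None:
            vaddr = manual_base + section.offset
        else:
            vaddr = section.virtualAddress
        self.__printInfo('Loading gadgets for section: ' + section.name)
        gadgets[section] = ropper.searchRopGadgets(
            section.bytes, section.offset, vaddr,
            badbytes=bad, depth=depth, section=section,
            gtype=gtype, pprinter=self.__cprinter)
    return gadgets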
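def __searchOpcode(self, opcode):
    """Print every occurrence of a hex-encoded opcode in the binary's executable sections.

    Args:
        opcode: hexadecimal string of the opcode bytes to look for.
    """
    ropper = Ropper(self.__binary.arch)
    raw = unhexlify(opcode.encode('ascii'))
    bad = unhexlify(self.__options.badbytes)
    # Option ``I`` (presumably a manual image base) overrides the section's
    # recorded virtual address.
    manual_base = self.__options.I
    # Search each section at base 0x0; the real address is applied below.
    gadgets = {
        section: ropper.searchOpcode(section.bytes, raw, 0x0, badbytes=bad)
        for section in self.__binary.executableSections
    }
    self.__printer.printTableHeader('Opcode')
    counter = 0
    for section, found in gadgets.items():
        # Rebase once per section rather than once per gadget.
        if manual_base is not None:
            vaddr = manual_base + section.offset
        else:
            vaddr = section.virtualAddress
        for g in found:
            g.imageBase = vaddr
            print(g.simpleString())
            counter += 1
    print('')
    print('%d times opcode found' % counter)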
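def __disassemble(self, addr, length):
    """Disassemble instructions at ``addr`` and print them.

    Args:
        addr: virtual address to start from; it must lie inside one of the
            binary's executable sections.
        length: instruction count passed unchanged to
            ``Ropper.disassemble``; only its magnitude is used for the
            short-result warning.

    The first section covering ``addr`` is used.  An error is printed when
    the disassembler returns nothing or when no executable section covers
    the address.
    """
    for section in self.__binary.executableSections:
        start = section.virtualAddress
        if not (start <= addr < start + section.size):
            continue
        # NOTE(review): Ropper is built from self.binary while sections come
        # from self.__binary — confirm both name the same object.
        ropper = Ropper(self.binary)
        code = bytes(bytearray(section.bytes))
        gadget = ropper.disassemble(code, addr, addr - start, length)
        if not gadget:
            self.__cprinter.printError(
                'Cannot disassemble address: %s' % toHex(addr))
            return
        if len(gadget) < abs(length):
            self.__cprinter.printInfo(
                'Cannot disassemble specified count of instructions')
        self.binary.printer.printTableHeader('Instructions')
        self.__cprinter.println(gadget.disassemblyString())
        return
    # No executable section covers addr; report it instead of returning silently.
    self.__cprinter.printError('Cannot disassemble address: %s' % toHex(addr))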
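def __searchJmpReg(self, regs):
    """Print every jump-to-register gadget for ``regs`` found in the binary.

    Args:
        regs: register selection forwarded to ``Ropper.searchJmpReg``.
    """
    ropper = Ropper(self.binary)
    bad = unhexlify(self.__options.badbytes)
    # A manual image base overrides the section's recorded virtual address.
    manual_base = self.binary.manualImagebase
    # Search each section at base 0x0; the real address is applied below.
    gadgets = {
        section: ropper.searchJmpReg(
            section.bytes, regs, 0x0, badbytes=bad, section=section)
        for section in self.binary.executableSections
    }
    self.binary.printer.printTableHeader('JMP Instructions')
    counter = 0
    for section, found in gadgets.items():
        # Rebase once per section rather than once per gadget.
        if manual_base is not None:
            vaddr = manual_base + section.offset
        else:
            vaddr = section.virtualAddress
        for g in found:
            g.imageBase = vaddr
            self.__cprinter.println(g.simpleString())
            counter += 1
    self.__cprinter.println('')
    self.__cprinter.println('%d times opcode found' % counter)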