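class MyRopper():
    """Wrapper around a RopperService loaded with a single binary.

    Offers regex search over the gadgets Ropper extracts from the file, a
    string-presence check, the architecture name, and a helper that reads
    the $ra stack offset from a gadget's disassembly.
    """

    def __init__(self, filename):
        """Load ``filename`` into a fresh RopperService.

        Gadgets are loaded once with the service defaults, then again after
        ``inst_count`` is raised to 10.
        """
        self.rs = RopperService()
        self.rs.clearCache()
        self.rs.addFile(filename)
        self.rs.loadGadgetsFor()

        self.rs.options.inst_count = 10
        # Loaded twice on purpose: sometimes Ropper doesn't update new
        # gadgets after the option change.
        self.rs.loadGadgetsFor()
        self.rs.loadGadgetsFor()

    def get_gadgets(self, regex):
        """Return the list of gadgets matching ``regex``.

        Raises:
            Exception: if the search yields no gadget.
        """
        # search() yields pairs; only the second element (the gadget) is kept.
        gadgets = [gadget for _, gadget in self.rs.search(search=regex)]
        if not gadgets:
            raise Exception("Cannot find gadgets!")
        return gadgets

    def contains_string(self, string):
        """Return True if ``string`` is found in the loaded file.

        Only the first entry of the mapping returned by ``searchString`` is
        inspected (presumably one entry per loaded file -- confirm against
        the Ropper API). An empty mapping is reported as "not found" instead
        of raising IndexError.
        """
        results = self.rs.searchString(string)
        first_hits = next(iter(results.values()), ())
        return len(first_hits) > 0

    def get_arch(self):
        """Return the architecture name of the first loaded file."""
        # NOTE(review): reads the private ``_name`` attribute of the arch
        # object; this may break if Ropper changes its internals.
        return self.rs.files[0].arch._name

    @staticmethod
    def get_ra_offset(gadget):
        """
        Return the offset of the next Return Address on the stack,
        so you know how many bytes to put before the next gadget address.
        Eg: lw $ra, 0x1c($sp) --> return: 0x1c

        The match is case-sensitive (lowercase hex digits) and expects no
        space between the offset and the opening parenthesis.

        Raises:
            Exception: if no line of the gadget loads $ra from the stack.
        """
        for line in gadget.lines:
            # line[1] is the text that is searched. The pattern is a raw
            # string so its backslashes are regex escapes, not invalid
            # Python string escapes.
            offset_len = re.findall(r"lw \$ra, (0x[0-9a-f]+)\(\$sp\)", line[1])
            if offset_len:
                return int(offset_len[0], 16)
        raise Exception("Cannot find $ra offset in this gadget!")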
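def get_ropper_service(self):
    """Build a RopperService with every entry of ``self.files`` loaded.

    Each entry is either a plain path or ``path:hexbase``. In the second
    form the part after the last colon is parsed as a hexadecimal image
    base and applied to the file before its gadgets are loaded.

    Returns:
        The configured RopperService.

    Raises:
        ValueError: if the text after the last colon is not valid hex.
    """
    # not all options need to be given
    options = {
        "color": self.color,
        "badbytes": self.badbytes,
        "type": "rop",
    }
    rs = RopperService(options)

    for entry in self.files:
        if ":" in entry:
            # Split on the LAST colon only, so a path that itself contains
            # a colon (e.g. a drive letter) no longer fails the two-name
            # unpacking with a confusing ValueError.
            name, base = entry.rsplit(":", 1)
            rs.addFile(name, arch=self.arch)
            rs.clearCache()
            rs.setImageBaseFor(name=name, imagebase=int(base, 16))
        else:
            name = entry
            rs.addFile(name, arch=self.arch)
            rs.clearCache()

        # NOTE(review): the listing's indentation was lost; loading gadgets
        # once per file, after the optional rebase, is the reading assumed
        # here -- confirm against the original.
        rs.loadGadgetsFor(name)

    return rs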
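class MyRopper():
    """Convenience layer over RopperService for one input file."""

    def __init__(self, filename):
        """Create the service, add ``filename`` and load its gadgets.

        Gadgets are loaded before and after ``inst_count`` is set to 10;
        the second load is issued twice, as in the original sequence.
        """
        self.rs = RopperService()
        self.rs.clearCache()
        self.rs.addFile(filename)
        self.rs.loadGadgetsFor()

        self.rs.options.inst_count = 10
        self.rs.loadGadgetsFor()
        self.rs.loadGadgetsFor()

    def get_gadgets(self, regex):
        """Collect the gadgets whose text matches ``regex``.

        Raises:
            Exception: when the search returns nothing.
        """
        found = [g for _, g in self.rs.search(search=regex)]
        if found:
            return found
        raise Exception("[-] Cannot find gadgets!")

    def contains_string(self, string):
        """Tell whether ``string`` occurs in the loaded file.

        Looks at the first value of the mapping returned by
        ``searchString``; an empty mapping now means "not found" rather
        than an IndexError.
        """
        by_key = self.rs.searchString(string)
        for hits in by_key.values():
            # Only the first entry is consulted, matching the original.
            return len(hits) > 0
        return False

    def get_arch(self):
        """Return the architecture name of the first loaded file."""
        # NOTE(review): relies on the private ``_name`` attribute.
        return self.rs.files[0].arch._name

    @staticmethod
    def get_ra_offset(gadget):
        """Return the stack offset from which the gadget reloads $ra.

        Scans ``gadget.lines`` for ``lw $ra, 0x<hex>($sp)`` and returns the
        hex offset as an int, e.g. ``lw $ra, 0x1c($sp)`` gives 0x1c. The
        match is case-sensitive and expects lowercase hex digits.

        Raises:
            Exception: if no line matches.
        """
        for line in gadget.lines:
            # Raw string: the backslashes are regex escapes for ``$`` and
            # the parentheses, not Python string escapes (which would be
            # invalid and trigger a warning).
            offset_len = re.findall(r"lw \$ra, (0x[0-9a-f]+)\(\$sp\)", line[1])
            if offset_len:
                return int(offset_len[0], 16)
        raise Exception("[-] Cannot find $ra offset in this gadget!")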