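def _createJmp(self, reg='esp'):
    """Return the formatted first jump-to-register gadget in the binary.

    Each executable section of ``self._binary`` is scanned with
    ``Ropper.searchJmpReg`` and the hits are collected in section order.

    Args:
        reg: Register name forwarded to ``searchJmpReg``.

    Returns:
        The result of ``self._printRopInstruction`` for the first hit, or
        ``''`` when no section produced one. Callers must handle the
        empty-string case.
    """
    finder = Ropper(self._binary.arch)
    gadgets = []
    for section in self._binary.executableSections:
        # Forward the caller's register. The literal 'esp' that used to be
        # passed here made any non-default ``reg`` silently search for esp.
        gadgets.extend(
            finder.searchJmpReg(section.bytes, reg, section.virtualAddress))

    if gadgets:
        return self._printRopInstruction(gadgets[0])
    return ''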
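def _createJmp(self, reg='esp'):
    """Find a jump-to-register gadget and return it in printable form.

    All executable sections of ``self._binary`` are searched through
    ``Ropper.searchJmpReg``, using each section's virtual address as the
    base. Only the first hit is used.

    Args:
        reg: Register name passed on to ``searchJmpReg``.

    Returns:
        ``self._printRopInstruction(first_hit)``, or ``''`` if nothing was
        found.
    """
    searcher = Ropper(self._binary.arch)
    hits = []
    for sec in self._binary.executableSections:
        base = sec.virtualAddress
        # Previously the register was hard-coded to 'esp' and ``reg`` was
        # ignored, so the result could name a register the caller never
        # asked for. Pass the parameter through instead.
        hits.extend(searcher.searchJmpReg(sec.bytes, reg, base))

    if not hits:
        return ''
    return self._printRopInstruction(hits[0])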
def _createJmp(self, reg="esp"):
    """Return the first jump-to-register gadget found in the primary binary.

    Only ``self._binaries[0]`` is searched. Each executable section is
    handed to ``Ropper.searchJmpReg`` with ``section.offset`` as the base
    address.

    Side effect: the ``(binary, section)`` pair of the chosen gadget is
    appended to ``self._usedBinaries`` if it is not already listed.

    Args:
        reg: Register name forwarded to ``searchJmpReg``.

    Returns:
        The first gadget object, or ``""`` when no gadget was found. The
        two cases have different types, so callers should test for
        falsiness.
    """
    binary = self._binaries[0]
    searcher = Ropper(binary)

    found = []
    for sec in binary.executableSections:
        # NOTE(review): the base is the section's offset, not its virtual
        # address -- presumably rebased by the caller later; confirm.
        found += searcher.searchJmpReg(sec.bytes, reg, sec.offset, section=sec)

    if not found:
        return ""

    first = found[0]
    origin = (first._binary, first._section)
    if origin not in self._usedBinaries:
        self._usedBinaries.append(origin)
    return first
def _createJmp(self, reg="esp"):
    """Return the formatted first jump-to-register gadget, or ``None``.

    Searches every executable section of ``self._binaries[0]`` through
    ``Ropper.searchJmpReg``, using the section's virtual address as base.

    Side effect: records the ``(binary, section)`` pair of the selected
    gadget in ``self._usedBinaries`` when it is not there yet.

    Args:
        reg: Register name forwarded to ``searchJmpReg``.

    Returns:
        ``self._printRopInstruction(gadget)`` for the first hit, or
        ``None`` when the search found nothing.
    """
    target = self._binaries[0]
    engine = Ropper(target)

    candidates = []
    for section in target.executableSections:
        candidates.extend(
            engine.searchJmpReg(
                section.bytes, reg, section.virtualAddress, section=section))

    if not candidates:
        return None

    chosen = candidates[0]
    source = (chosen._binary, chosen._section)
    if source not in self._usedBinaries:
        # Remember which binary/section this gadget came from.
        self._usedBinaries.append(source)
    return self._printRopInstruction(chosen)
def _createJmp(self, reg='esp'):
    """Locate a jump-to-register gadget in the first loaded binary.

    The executable sections of ``self._binaries[0]`` are searched in order
    with ``Ropper.searchJmpReg``; ``section.offset`` is passed as the base
    address for each section.

    Side effect: if the first hit's ``(binary, section)`` pair is missing
    from ``self._usedBinaries``, it is appended.

    Args:
        reg: Register name forwarded to ``searchJmpReg``.

    Returns:
        The first gadget object on success, otherwise ``''``.
    """
    primary = self._binaries[0]
    ropper = Ropper(primary)

    # Flatten the per-section results while keeping section order.
    # NOTE(review): addresses are based on the section offset here rather
    # than the virtual address -- verify this matches what callers expect.
    hits = [
        gadget
        for sec in primary.executableSections
        for gadget in ropper.searchJmpReg(sec.bytes, reg, sec.offset, section=sec)
    ]

    if hits:
        head = hits[0]
        key = (head._binary, head._section)
        if key not in self._usedBinaries:
            self._usedBinaries.append(key)
        return head
    return ''
def _createJmp(self, reg='esp'):
    """Find a jump-to-register gadget and return its printable form.

    ``Ropper.searchJmpReg`` is run over each executable section of
    ``self._binaries[0]`` with the section's virtual address as the base.
    The first hit across all sections is selected.

    Side effect: the selected gadget's ``(binary, section)`` pair is added
    to ``self._usedBinaries`` unless already present.

    Args:
        reg: Register name forwarded to ``searchJmpReg``.

    Returns:
        ``self._printRopInstruction(gadget)``, or ``None`` if no gadget
        was found.
    """
    first_binary = self._binaries[0]
    scanner = Ropper(first_binary)

    results = []
    for sec in first_binary.executableSections:
        address = sec.virtualAddress
        results += scanner.searchJmpReg(sec.bytes, reg, address, section=sec)

    if len(results) == 0:
        return None

    pick = results[0]
    already_used = (pick._binary, pick._section) in self._usedBinaries
    if not already_used:
        self._usedBinaries.append((pick._binary, pick._section))
    return self._printRopInstruction(pick)
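def __searchJmpReg(self, regs):
    """Print every jump-to-register gadget found in the executable sections.

    Each executable section of ``self.binary`` is searched with
    ``Ropper.searchJmpReg`` using a base of ``0x0``. Before printing, each
    hit's ``imageBase`` is set to ``manualImagebase + section.offset`` when
    a manual image base is configured, otherwise to the section's virtual
    address. A table header, one line per gadget, a blank line and a total
    count are written out.

    Args:
        regs: Register selection forwarded unchanged to ``searchJmpReg``.
    """
    finder = Ropper(self.binary)
    gadgets = {}
    for section in self.binary.executableSections:
        # unhexlify raises on anything that is not an even-length hex string.
        # NOTE(review): badbytes is read from the options object; confirm it
        # is validated (and never None) before this method is reached.
        gadgets[section] = finder.searchJmpReg(
            section.bytes, regs, 0x0,
            badbytes=unhexlify(self.__options.badbytes),
            section=section)

    self.binary.printer.printTableHeader('JMP Instructions')
    counter = 0
    for section, found in gadgets.items():
        # The base depends only on the section, so compute it once per
        # section. ``is not None`` keeps an explicit base of 0 valid.
        if self.binary.manualImagebase is not None:
            base = self.binary.manualImagebase + section.offset
        else:
            base = section.virtualAddress
        for g in found:
            g.imageBase = base
            self.__cprinter.println(g.simpleString())
            counter += 1
    self.__cprinter.println('')
    self.__cprinter.println('%d times opcode found' % counter)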
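def __searchJmpReg(self, regs):
    """Print every jump-to-register gadget found in the executable sections.

    ``Ropper.searchJmpReg`` is run on each executable section of
    ``self.__binary`` with a base of ``0x0``. Each hit's ``imageBase`` is
    then set to ``options.I + section.offset`` when ``options.I`` is given,
    otherwise to the section's virtual address. Output goes to stdout: one
    line per gadget, a blank line, then the total count.

    Args:
        regs: Register selection forwarded unchanged to ``searchJmpReg``.
    """
    finder = Ropper(self.__binary.arch)
    gadgets = {}
    for section in self.__binary.executableSections:
        # unhexlify raises on anything that is not an even-length hex string.
        # NOTE(review): badbytes is read from the options object; confirm it
        # is validated (and never None) before this method is reached.
        gadgets[section] = finder.searchJmpReg(
            section.bytes, regs, 0x0,
            badbytes=unhexlify(self.__options.badbytes))

    self.__printer.printTableHeader('JMP Instructions')
    counter = 0
    for section, found in gadgets.items():
        # Identity test instead of ``!= None``. The base depends only on the
        # section, so it is computed once per section.
        if self.__options.I is not None:
            base = self.__options.I + section.offset
        else:
            base = section.virtualAddress
        for g in found:
            g.imageBase = base
            print(g.simpleString())
            counter += 1
    print('')
    print('%d times opcode found' % counter)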