Skip to content
Permalink
Browse files

Add support for specifying a range of badbytes

  • Loading branch information...
aagallag committed Mar 24, 2017
1 parent 9351c75 commit f5d4533444a9336fd907e6c5eb5ba582703bbc5c
Showing with 12 additions and 2 deletions.
  1. +1 −1 ropgadget/args.py
  2. +11 −1 ropgadget/options.py
@@ -62,7 +62,7 @@ def __parse(self, arguments, custom_arguments_provided=False):
ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --string main --range 0x080c9aaa-0x080c9aba
ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --memstr "/bin/sh"
ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --console
ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --badbytes "00|7f|42"
ROPgadget.py --binary ./test-suite-binaries/elf-Linux-x86 --badbytes "00|01-1f|7f|42"
ROPgadget.py --binary ./test-suite-binaries/Linux_lib64.so --offset 0xdeadbeef00000000
ROPgadget.py --binary ./test-suite-binaries/elf-ARMv7-ls --depth 5
ROPgadget.py --binary ./test-suite-binaries/elf-ARM64-bash --depth 5
@@ -113,7 +113,17 @@ def __deleteBadBytes(self):
new = []
#Filter out empty badbytes (i.e if badbytes was set to 00|ff| there's an empty badbyte after the last '|')
#and convert each one to the corresponding byte
bbytes = [codecs.decode(bb.encode("ascii"), "hex") for bb in self.__options.badbytes.split("|") if bb]
bbytes = []
for bb in self.__options.badbytes.split("|"):
if '-' in bb:
rng = bb.split('-')
low = ord(rng[0].decode('hex'))
high = ord(rng[1].decode('hex'))
for i in range(low, high):
bbytes.append(chr(i))
else:
bbytes.append(codecs.decode(bb.encode("ascii"), "hex"))

archMode = self.__binary.getArchMode()
for gadget in self.__gadgets:
gadAddr = pack("<L", gadget["vaddr"]) if archMode == CS_MODE_32 else pack("<Q", gadget["vaddr"])

0 comments on commit f5d4533

Please sign in to comment.
You can’t perform that action at this time.