Update to the latest libcdb builds (#177)

david942j · Sep 18, 2021 · 9462b77 · 9462b77
1 parent 604ae4d
commit 9462b77
Show file tree

Hide file tree

Showing 58 changed files with 1,812 additions and 1 deletion.
diff --git a/builds_list b/builds_list
@@ -518,6 +518,7 @@ libc-2.23-0c23056feb23daf0cb1d2f90e153b5f892df83c6
 libc-2.23-11ae3441756e6c2ebf5c962434bf9f07b3ea3deb
 libc-2.23-131c254aed46e6a24cb08f3abe802ea0ef50e5f9
 libc-2.23-1800a4bdb0c42a7bb7a570ed90724fa04de8a4fe
+libc-2.23-18f761287ed46e213bec29c2e440e73fd72373be
 libc-2.23-1b1d19add6d861e16e04e4b8e9864a7bc16c1327
 libc-2.23-1ca54a6e0d76188105b12e49fe6b8019bf08803a
 libc-2.23-1e80992437b5e1cb76bf56605ee8991e76e85f69
@@ -528,6 +529,7 @@ libc-2.23-2891dc7656eed3d8d4f255c41ca6a28caf532079
 libc-2.23-29e38445a740bba5a77b86691e3c51a7e48dc79b
 libc-2.23-2aedae2bb27ac85cf14c36da79747dd88bb2b633
 libc-2.23-2c4ed1bebc9ede033fbbb422f84da9a93cacd88e
+libc-2.23-30773be8cf5bfed9d910c8473dd44eaab2e705ab
 libc-2.23-336976f90c600be7c95a68be6c2f0652cc22347c
 libc-2.23-3612e20f3e2705dcf8fd81ac494a0e20b9e16764
 libc-2.23-369de0e1d833caa693af17f17c83ba937f0a4dad
@@ -541,6 +543,7 @@ libc-2.23-5d45b750d14b7b6ea11c2b57c73746b61592437b
 libc-2.23-5d511bfe32efcb567933d13ab9dc87f0a02d3651
 libc-2.23-60131540dadc6796cab33388349e6e4e68692053
 libc-2.23-60ea46dff84c256650d44c1a32ca609168bee1a6
+libc-2.23-635101aec7213fdc442419bf65a92047a862ff32
 libc-2.23-6462f7cc95a34bd03f42ad150211db68fcf27d44
 libc-2.23-679ad41a6bc9e718a11a36cf9879cac97197e565
 libc-2.23-697f7d05a70ecde852a2eed480bea6a6779b4a27
@@ -592,6 +595,7 @@ libc-2.23-ee0b5a0f65e25f536a868d84e1d912403b56e742
 libc-2.23-ee525f6c9b018c094beedd17b87a4573d7ea7e2e
 libc-2.23-f0c2e03955a845c9a7f9c85228b12c9700d66c50
 libc-2.23-f202f01f10e845e14e7d8ca44cf5d9e4742fca6a
+libc-2.23-f2f2f2af4f3e8597cca1fdff1008a834c78de42b
 libc-2.23-f303ce47c562225a4f3475170333494965760a6a
 libc-2.23-f33f3937b8f458ffd96cf10a22deea1bd85ac61a
 libc-2.23-f4490657edfef482025fff60e85acd5928e0d05b
@@ -627,11 +631,13 @@ libc-2.24-26e84118fee5788eb5d8dda66b7e7f029d2c7800
 libc-2.24-2ee9e1740da616757f2e6d5ba58576c0c7302fff
 libc-2.24-30acfe88fed30ad3f8cb88425b80ea96899655aa
 libc-2.24-33801a6f55c5c3cdf7d83590b433adcbab08a688
+libc-2.24-349119af9e223829ea24f6b7226bdff0182e73f2
 libc-2.24-35764bd71c58942e9131e3547b7c343098212d03
 libc-2.24-389260a6758c3f1dbc741c197e747341ed277cd2
 libc-2.24-3b24749bb184473f81819312e3d86903915eaf65
 libc-2.24-3ea4c67e60e49b8164b692166115bbf927e521db
 libc-2.24-3f89db5baa7e88162377fab6a1590f732a355401
+libc-2.24-3fce81d490804af9759c70bf197380bc05a584c2
 libc-2.24-43adbb1e7368c94fba1ba9020d8ef0808bff5bc4
 libc-2.24-43faee19af5e1d20163c6492862fca1a4146b668
 libc-2.24-45adab2b0ad8604e35eeea0b30d6ec1ad11642af
@@ -668,6 +674,7 @@ libc-2.24-9ae48d5843f29af366655a00fb0636db91328abb
 libc-2.24-9b7db6636c9f2f03c9523b02db229741e2250550
 libc-2.24-9e638553dc7a08748d03c42455ecd6bb9bd8f8cd
 libc-2.24-a4c01d397b6584f7040ef266b16a5d4da0b7a087
+libc-2.24-a51ace667ccae6a8887837efb18259a906704bed
 libc-2.24-a822e789c3428254f309f81600b9e5ae551a3461
 libc-2.24-aad7dbe330f23ea00ca63daf793b766b51aceb5d
 libc-2.24-acd08eb60d44e32e85530f0537d46f8cd422403e
@@ -691,6 +698,7 @@ libc-2.24-d8ba284042773fed1189bcf927960999f4c1de55
 libc-2.24-da518391ad926bb7535f2095df0be265180eeed5
 libc-2.24-dab413a7e3b33dde527af308a09a55ade6b41e84
 libc-2.24-dc799b9197929f88cebc6aa72e3be388cacfb1df
+libc-2.24-deefae132c5a39ba892bc189edd91f73c1ea1f14
 libc-2.24-dff06414a29b97b865ef938e06a7751fe8b1b2d0
 libc-2.24-e0206d9b8d7ad3abc39a94dbc37bb3b42c9f1345
 libc-2.24-e5dc6c0caa39828fa10ed37e642723a581acdb6d
@@ -719,35 +727,45 @@ libc-2.26-f65648a832414f2144ce795d75b6045a1ec2e252
 libc-2.26-fb587bc4429e7d1b0de31a3b9ee8ae78ee797eb0
 libc-2.27-06a8004be6e10c4aeabbe0db74423ace392a2d6b
 libc-2.27-0e188ec5f09c187a7a92784d4b97aa251b15a93c
+libc-2.27-14cd15d2eb0bc25c89045873cf807f7533e4788d
 libc-2.27-2d1c5e0b85cb06ff47fa6fa088ec22cb6e06074e
 libc-2.27-4b06dfe2c46f5e537b3d0a310ab0bda11bcbd681
 libc-2.27-53f40c1d2f3739ae017dcdcef1a17314786e3709
 libc-2.27-63b3d43ad45e1b0f601848c65b067f9e9b40528b
+libc-2.27-73cd526a553b3b47c6dd0d6dc62175263cdc646e
 libc-2.27-9dd0bb57f81671704475d1e5163405f7b4d4b454
 libc-2.27-afdabd83c53f0fc60a059c3305c4f3b57198e51b
 libc-2.27-b417c0ba7cc5cf06d1d1bed6652cedb9253c60d0
 libc-2.27-cc6dd208d3af4bc505f599a90ef8af52f16116e4
+libc-2.27-ce450eb01a5e5acc7ce7b8c2633b02cc1093339e
 libc-2.27-cf1599aa8b3cb35f79dcaea7a8b48704ecf42a19
 libc-2.27-d1237c55f6778f53b369cf22ff81979b2fe340bb
 libc-2.27-d3cf764b2f97ac3efe366ddd07ad902fb6928fd7
+libc-2.27-f4929d2a8af4629477103af6f1cfb3bebce80883
 libc-2.28-26b3c1a40c8a0bd026975a262774bf52aec55107
 libc-2.28-44f5a3efb0e5733fa9d97e690cb36cd4c682bcdb
 libc-2.28-5784a31a1c26f6d2157e585205ebb63dd19ff90f
 libc-2.28-5b157f49586a3ca84d55837f97ff466767dd3445
+libc-2.28-65ed813688b116fdce9e866ad2fef2e734167337
 libc-2.28-6ee9454b96efa9e343f9e8105f2fa4529265ea05
 libc-2.29-2195ff86b0ddead43a7c08f46b95b0887cdb96fa
+libc-2.29-5b7203920d3d786ac40af8e0d5104683335f11be
 libc-2.29-6d8abbab5b004d65bfdf909fd4982103499cd1c9
 libc-2.29-85d5020664b11fd2708859275de41d5ab9d104cf
 libc-2.29-9a1100ebab15d22bbc31836b0656d2fa5a6a1252
+libc-2.29-a8af6c81cb28a37bf3a546970bf64224402f8bd4
+libc-2.29-c19c88c33b60742ca906e0f9f96fe31b8b79ea9c
 libc-2.29-d389232dd725501db38f08e2aca0b44ab3af314f
 libc-2.29-d561ec515222887a1e004555981169199d841024
 libc-2.30-00854a16b9b4b73893627ccb730d97907837e320
 libc-2.30-135c0b4a030ec9b6306ed6b621e1e0dedfd614a3
 libc-2.30-2155f455ad56bd871c8225bcca85ee25c1c197c4
+libc-2.30-33d1f350f13728651d74dd2a56bad1e4e4648f5e
 libc-2.30-3f72ae987c135c35f2e721c61991ec46df8816ab
 libc-2.30-4ab6143b59defc12c3d50d176c78b4e6e5a2c179
 libc-2.30-71373fd43ed6a83e0aab983c3a971e32d459e15f
 libc-2.30-75e3e2d9596aae251330ae7ef3f91a847fc62641
+libc-2.30-7a1e2ae26cef50584af2c60a5ad3a7ae3e9b1446
 libc-2.30-884362aa891ab565e4cf904cd60be984a7941acd
 libc-2.30-93abe093a13b9b10f83b5e6de4a63a0d29175c89
 libc-2.30-bef538440d5b4b0ac6b4575acb3aac4a65316061
@@ -761,19 +779,57 @@ libc-2.30-e3e238714a7998a958651faa0a5e97fafa229ec3
 libc-2.30-f07144cc3d0ac50415f3a2e061be6da672c914ba
 libc-2.30-f44469d65b4efd2e5951513ed7cbf773657f1283
 libc-2.31-05dd8f45f3f82869e5ca8cb214475816e41f469a
+libc-2.31-099b9225bcb0d019d9d60884be583eb31bb5f44e
+libc-2.31-0d1b3211736c4ca528a32ea0d565d41a2ede3b58
 libc-2.31-0df979b8b244294bbc29bbe8f7f6dd6bf89c6820
+libc-2.31-12e412d1938ec3ff79751f0e85f31bc52f7e3722
+libc-2.31-4d4d0853eb075b8b0cfaee0aee7cdf4254a3e877
 libc-2.31-634252e0c5f8b03957a2e529719d4101699a894a
 libc-2.31-6c6ea8a57519f219a10c9d6a6d199dd813680226
+libc-2.31-6dbad1709854c527793f6401666e45a791b7c793
 libc-2.31-6fe07009bc57e6917030d052370d8bed414dd7c0
 libc-2.31-78702aff0796336ccdd432310ba6f84c728c9b3c
+libc-2.31-85d7bb2dad0f8172d1c02c0311a00c4695933beb
 libc-2.31-8614995a8f0152ad4b1b45e28070588546ca7ac8
 libc-2.31-a9053cb60c51ead85c68c941ca4d02f9381844f9
 libc-2.31-b61d34c10e608722a90d339bd9a7ff28b18cd501
 libc-2.31-cdaf4c7a78acdea7ede78ea0240a3d8d5833110f
+libc-2.31-e67e80e70619717709e3180e552a11a285036a54
 libc-2.31-eb3c5cf73a0a6b7f2b3895a56dbc443806700971
 libc-2.31-f3aa1ef59e51e64ff8438f46d225e4ae256c1b03
 libc-2.31-f3ff3fda80b817c464a56eed59ff09dc864eaeb0
+libc-2.31-fb7626dd8b8a50f7685920487e992528834f6775
 libc-2.32-0e5c8d8738927eb715941480b3726fa764cc50ed
+libc-2.32-1e3fb06b8c86b5e282e3e11bd207d399fb4952e2
 libc-2.32-7ec3e74da842ca3c6a9ba20b21303ce1bc7a45af
+libc-2.32-7fba7abef941659c229c2636aa0905c28652ee3f
+libc-2.32-82f6b69e698bb579baefb35a3fb0346632fa2c4d
+libc-2.32-87f011a7e4cc3fc60a54d0d3dd690e7438decc8d
+libc-2.32-92199dd358616182fb49c992330fb05e42eaa423
+libc-2.32-9d60d4bd625a7fe2439db781a5fc91bb69684903
 libc-2.32-a75b0c335a4987f12d17d3b4adb8dc430432b082
+libc-2.32-ac287babd169c70013b752da2713dfb96d9a503f
+libc-2.32-aebd80372a00285a5c486ef72917f935eb8f91be
+libc-2.32-bd0e9dc4e27475b5ab7dc59141daaa2626b8a760
+libc-2.32-bddeb6374fc99723cef3b3baafe48ac78fce13b4
+libc-2.32-cb91dd613d38b806a16bed1b364c084ad63d1a1f
+libc-2.32-d3f1cf7f55b985fd6d989880ec3599724fe40a26
 libc-2.32-e13b24f94b260dd6394bdb2433d2a78e37078d5c
+libc-2.32-e1596c76d0d93d8a36378ba976f034f140618d59
+libc-2.32-f45b67ab28af1581cba8e4713e0fd3b2bc004b2e
+libc-2.33-18edf6b683a2f9768cc0ee9cc64ae6fbb545deb2
+libc-2.33-1c943bf313b5b4546e47b830e70de6bbd6a0ba57
+libc-2.33-2b48299781548c9bc452eac6df39902547c884ed
+libc-2.33-37169e68b33cad12e272bb4896d71fd0d4fd98bb
+libc-2.33-54a6e404e7dc1de7c1434a00b7b1ad325b81f22a
+libc-2.33-7983d313db4a441a3762c8861ca405aa0331c0c8
+libc-2.33-8fdc2b2c65f3d782e52c01b546399eee8aa466dc
+libc-2.33-9143da129b44b931a1c180e2b103e993dd2474fd
+libc-2.33-97c8d90bd86bc698d156630e8803de433a640090
+libc-2.33-9bf4c513db255ab7248cef9f0f96b4403df29852
+libc-2.33-9e592d3efa165bc2bab8b40426370bd50cb0b027
+libc-2.33-abf3b2a9815c0cd6e4280cd99474d34102804eb2
+libc-2.33-b046eecd056a0c30995703f6cfca7a8e3a9ef5fa
+libc-2.33-b2262bfa6f1bffd1e9ddc845276dfaebb7c8f0b9
+libc-2.33-f462ab2b79c7f29fb866da6e087e45261570a09c
+libc-2.33-f4af69206091c7f14a941f2dd77a79a7682a1184
diff --git a/lib/one_gadget/builds/libc-2.23-18f761287ed46e213bec29c2e440e73fd72373be.rb b/lib/one_gadget/builds/libc-2.23-18f761287ed46e213bec29c2e440e73fd72373be.rb
@@ -0,0 +1,46 @@
+require 'one_gadget/gadget'
+# https://gitlab.com/david942j/libcdb/blob/master/libc/libc6_2.23-0ubuntu11.3_i386/lib/i386-linux-gnu/libc-2.23.so
+# 
+# Intel 80386
+# 
+# GNU C Library (Ubuntu GLIBC 2.23-0ubuntu11.3) stable release version 2.23, by Roland McGrath et al.
+# Copyright (C) 2016 Free Software Foundation, Inc.
+# This is free software; see the source for copying conditions.
+# There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+# Compiled by GNU CC version 5.4.0 20160609.
+# Available extensions:
+# 	crypt add-on version 2.1 by Michael Glad and others
+# 	GNU Libidn by Simon Josefsson
+# 	Native POSIX Threads Library by Ulrich Drepper et al
+# 	BIND-8.2.3-T5B
+# libc ABIs: UNIQUE IFUNC
+# For bug reporting instructions, please see:
+# <https://bugs.launchpad.net/ubuntu/+source/glibc/+bugs>.
+
+build_id = File.basename(__FILE__, '.rb').split('-').last
+OneGadget::Gadget.add(build_id, 240748,
+                      constraints: ["esi is the GOT address of libc", "[esp+0x28] == NULL"],
+                      effect: "execve(\"/bin/sh\", esp+0x28, environ)")
+OneGadget::Gadget.add(build_id, 240750,
+                      constraints: ["esi is the GOT address of libc", "[esp+0x2c] == NULL"],
+                      effect: "execve(\"/bin/sh\", esp+0x2c, environ)")
+OneGadget::Gadget.add(build_id, 240754,
+                      constraints: ["esi is the GOT address of libc", "[esp+0x30] == NULL"],
+                      effect: "execve(\"/bin/sh\", esp+0x30, environ)")
+OneGadget::Gadget.add(build_id, 240761,
+                      constraints: ["esi is the GOT address of libc", "[esp+0x34] == NULL"],
+                      effect: "execve(\"/bin/sh\", esp+0x34, environ)")
+OneGadget::Gadget.add(build_id, 240796,
+                      constraints: ["esi is the GOT address of libc", "[eax] == NULL || eax == NULL", "[[esp]] == NULL || [esp] == NULL"],
+                      effect: "execve(\"/bin/sh\", eax, [esp])")
+OneGadget::Gadget.add(build_id, 240797,
+                      constraints: ["esi is the GOT address of libc", "[[esp]] == NULL || [esp] == NULL", "[[esp+0x4]] == NULL || [esp+0x4] == NULL"],
+                      effect: "execve(\"/bin/sh\", [esp], [esp+0x4])")
+OneGadget::Gadget.add(build_id, 392149,
+                      constraints: ["esi is the GOT address of libc", "eax == NULL"],
+                      effect: "execl(\"/bin/sh\", eax)")
+OneGadget::Gadget.add(build_id, 392150,
+                      constraints: ["esi is the GOT address of libc", "[esp] == NULL"],
+                      effect: "execl(\"/bin/sh\", [esp])")
+
diff --git a/lib/one_gadget/builds/libc-2.23-30773be8cf5bfed9d910c8473dd44eaab2e705ab.rb b/lib/one_gadget/builds/libc-2.23-30773be8cf5bfed9d910c8473dd44eaab2e705ab.rb
@@ -0,0 +1,46 @@
+require 'one_gadget/gadget'
+# https://gitlab.com/david942j/libcdb/blob/master/libc/libc6_2.23-0ubuntu11.3_amd64/lib/x86_64-linux-gnu/libc-2.23.so
+# 
+# Advanced Micro Devices X86-64
+# 
+# GNU C Library (Ubuntu GLIBC 2.23-0ubuntu11.3) stable release version 2.23, by Roland McGrath et al.
+# Copyright (C) 2016 Free Software Foundation, Inc.
+# This is free software; see the source for copying conditions.
+# There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+# Compiled by GNU CC version 5.4.0 20160609.
+# Available extensions:
+# 	crypt add-on version 2.1 by Michael Glad and others
+# 	GNU Libidn by Simon Josefsson
+# 	Native POSIX Threads Library by Ulrich Drepper et al
+# 	BIND-8.2.3-T5B
+# libc ABIs: UNIQUE IFUNC
+# For bug reporting instructions, please see:
+# <https://bugs.launchpad.net/ubuntu/+source/glibc/+bugs>.
+
+build_id = File.basename(__FILE__, '.rb').split('-').last
+OneGadget::Gadget.add(build_id, 283174,
+                      constraints: ["rax == NULL"],
+                      effect: "execve(\"/bin/sh\", rsp+0x30, environ)")
+OneGadget::Gadget.add(build_id, 283258,
+                      constraints: ["[rsp+0x30] == NULL"],
+                      effect: "execve(\"/bin/sh\", rsp+0x30, environ)")
+OneGadget::Gadget.add(build_id, 840051,
+                      constraints: ["[rcx] == NULL || rcx == NULL", "[r12] == NULL || r12 == NULL"],
+                      effect: "execve(\"/bin/sh\", rcx, r12)")
+OneGadget::Gadget.add(build_id, 840264,
+                      constraints: ["[rax] == NULL || rax == NULL", "[r12] == NULL || r12 == NULL"],
+                      effect: "execve(\"/bin/sh\", rax, r12)")
+OneGadget::Gadget.add(build_id, 983972,
+                      constraints: ["[rsp+0x50] == NULL"],
+                      effect: "execve(\"/bin/sh\", rsp+0x50, environ)")
+OneGadget::Gadget.add(build_id, 983984,
+                      constraints: ["[rsi] == NULL || rsi == NULL", "[[rax]] == NULL || [rax] == NULL"],
+                      effect: "execve(\"/bin/sh\", rsi, [rax])")
+OneGadget::Gadget.add(build_id, 987719,
+                      constraints: ["[rsp+0x70] == NULL"],
+                      effect: "execve(\"/bin/sh\", rsp+0x70, environ)")
+OneGadget::Gadget.add(build_id, 1009648,
+                      constraints: ["[rcx] == NULL || rcx == NULL", "[[rbp-0xf8]] == NULL || [rbp-0xf8] == NULL"],
+                      effect: "execve(\"/bin/sh\", rcx, [rbp-0xf8])")
+
diff --git a/lib/one_gadget/builds/libc-2.23-635101aec7213fdc442419bf65a92047a862ff32.rb b/lib/one_gadget/builds/libc-2.23-635101aec7213fdc442419bf65a92047a862ff32.rb
@@ -0,0 +1,46 @@
+require 'one_gadget/gadget'
+# https://gitlab.com/david942j/libcdb/blob/master/libc/libc6-i386_2.23-0ubuntu11.3_amd64/lib32/libc-2.23.so
+# 
+# Intel 80386
+# 
+# GNU C Library (Ubuntu GLIBC 2.23-0ubuntu11.3) stable release version 2.23, by Roland McGrath et al.
+# Copyright (C) 2016 Free Software Foundation, Inc.
+# This is free software; see the source for copying conditions.
+# There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+# Compiled by GNU CC version 5.4.0 20160609.
+# Available extensions:
+# 	crypt add-on version 2.1 by Michael Glad and others
+# 	GNU Libidn by Simon Josefsson
+# 	Native POSIX Threads Library by Ulrich Drepper et al
+# 	BIND-8.2.3-T5B
+# libc ABIs: UNIQUE IFUNC
+# For bug reporting instructions, please see:
+# <https://bugs.launchpad.net/ubuntu/+source/glibc/+bugs>.
+
+build_id = File.basename(__FILE__, '.rb').split('-').last
+OneGadget::Gadget.add(build_id, 239644,
+                      constraints: ["esi is the GOT address of libc", "[esp+0x28] == NULL"],
+                      effect: "execve(\"/bin/sh\", esp+0x28, environ)")
+OneGadget::Gadget.add(build_id, 239646,
+                      constraints: ["esi is the GOT address of libc", "[esp+0x2c] == NULL"],
+                      effect: "execve(\"/bin/sh\", esp+0x2c, environ)")
+OneGadget::Gadget.add(build_id, 239650,
+                      constraints: ["esi is the GOT address of libc", "[esp+0x30] == NULL"],
+                      effect: "execve(\"/bin/sh\", esp+0x30, environ)")
+OneGadget::Gadget.add(build_id, 239657,
+                      constraints: ["esi is the GOT address of libc", "[esp+0x34] == NULL"],
+                      effect: "execve(\"/bin/sh\", esp+0x34, environ)")
+OneGadget::Gadget.add(build_id, 239692,
+                      constraints: ["esi is the GOT address of libc", "[eax] == NULL || eax == NULL", "[[esp]] == NULL || [esp] == NULL"],
+                      effect: "execve(\"/bin/sh\", eax, [esp])")
+OneGadget::Gadget.add(build_id, 239693,
+                      constraints: ["esi is the GOT address of libc", "[[esp]] == NULL || [esp] == NULL", "[[esp+0x4]] == NULL || [esp+0x4] == NULL"],
+                      effect: "execve(\"/bin/sh\", [esp], [esp+0x4])")
+OneGadget::Gadget.add(build_id, 389237,
+                      constraints: ["esi is the GOT address of libc", "eax == NULL"],
+                      effect: "execl(\"/bin/sh\", eax)")
+OneGadget::Gadget.add(build_id, 389238,
+                      constraints: ["esi is the GOT address of libc", "[esp] == NULL"],
+                      effect: "execl(\"/bin/sh\", [esp])")
+
diff --git a/lib/one_gadget/builds/libc-2.23-f2f2f2af4f3e8597cca1fdff1008a834c78de42b.rb b/lib/one_gadget/builds/libc-2.23-f2f2f2af4f3e8597cca1fdff1008a834c78de42b.rb
@@ -0,0 +1,43 @@
+require 'one_gadget/gadget'
+# https://gitlab.com/david942j/libcdb/blob/master/libc/libc6-amd64_2.23-0ubuntu11.3_i386/lib64/libc-2.23.so
+# 
+# Advanced Micro Devices X86-64
+# 
+# GNU C Library (Ubuntu GLIBC 2.23-0ubuntu11.3) stable release version 2.23, by Roland McGrath et al.
+# Copyright (C) 2016 Free Software Foundation, Inc.
+# This is free software; see the source for copying conditions.
+# There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+# Compiled by GNU CC version 5.4.0 20160609.
+# Available extensions:
+# 	crypt add-on version 2.1 by Michael Glad and others
+# 	GNU Libidn by Simon Josefsson
+# 	Native POSIX Threads Library by Ulrich Drepper et al
+# 	BIND-8.2.3-T5B
+# libc ABIs: UNIQUE IFUNC
+# For bug reporting instructions, please see:
+# <https://bugs.launchpad.net/ubuntu/+source/glibc/+bugs>.
+
+build_id = File.basename(__FILE__, '.rb').split('-').last
+OneGadget::Gadget.add(build_id, 259286,
+                      constraints: ["rax == NULL"],
+                      effect: "execve(\"/bin/sh\", rsp+0x30, environ)")
+OneGadget::Gadget.add(build_id, 259370,
+                      constraints: ["[rsp+0x30] == NULL"],
+                      effect: "execve(\"/bin/sh\", rsp+0x30, environ)")
+OneGadget::Gadget.add(build_id, 753847,
+                      constraints: ["[rsi] == NULL || rsi == NULL", "[r12] == NULL || r12 == NULL"],
+                      effect: "execve(\"/bin/sh\", rsi, r12)")
+OneGadget::Gadget.add(build_id, 754056,
+                      constraints: ["[[rbp-0x40]] == NULL || [rbp-0x40] == NULL", "[r12] == NULL || r12 == NULL"],
+                      effect: "execve(\"/bin/sh\", [rbp-0x40], r12)")
+OneGadget::Gadget.add(build_id, 875271,
+                      constraints: ["[rsp+0x70] == NULL"],
+                      effect: "execve(\"/bin/sh\", rsp+0x70, environ)")
+OneGadget::Gadget.add(build_id, 875283,
+                      constraints: ["[rsi] == NULL || rsi == NULL", "[[rax]] == NULL || [rax] == NULL"],
+                      effect: "execve(\"/bin/sh\", rsi, [rax])")
+OneGadget::Gadget.add(build_id, 890033,
+                      constraints: ["[r9] == NULL || r9 == NULL", "[rdx] == NULL || rdx == NULL"],
+                      effect: "execve(\"/bin/sh\", r9, rdx)")
+