
Catfish is a tool used to ease the process of finding ROP gadgets and creating payloads with them.


osirislab/Catfish


# Catfish

## Introduction

Catfish is a tool used to ease the process of finding ROP gadgets and creating payloads with them. It is still under development.

## Usage

Right now, Catfish is somewhat limited. Here is a simple demo of the interactive version that will call MessageBoxA using code from SwDir.dll.

```
> load test_bins/swdir.dll
> static 0
> static 0x69218BA0
> static 0x69218C74
> static 0
> call MessageBoxA
> write messagebox.bin
>
```

messagebox.bin should now contain a basic payload for launching a MessageBox.

## Prerequisites

All that is needed to run Catfish is Distorm (http://code.google.com/p/distorm/).

## Future

Some things planned for the future:

  • Make it actually work for more than just simple payloads
  • Better support for static values on the stack
  • 64-bit support
  • Use of instruction decomposition
  • Automagic ROP chain generation
