search

0vercl0k / rp

rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.
MIT License
1.79k stars 250 forks source link

Match PE loader's behavior #40

Closed 0vercl0k closed 2 years ago

0vercl0k commented 2 years ago

This PR fixes #35 - the loader doesn't seem to care about 0x20 / IMAGE_SCN_CNT_CODE - only 0x20000000 / IMAGE_SCN_MEM_EXECUTE.