-
Will be useful to search for gadgets that indirectly modify registers that are not implicit by the instruction. This is for example DIV on x86, which drops the mod in xDX.
-
# Things that rop needs
- [ ] auto ropper (not soon)
- [ ] primitive detecting (pivot, leak, write-what-where, etc.)
- [x] start at "end" gadgets and disassemble backwards (for speed) (pr radareo…
-
(The problems have not been uploaded to GitHub yet, so I will add more later)
-
Hello, I got a ROP gadget at address 0x00159b80
0x00159b80: ldr x8, [x19, #0x18]; add x0, x19, #0x20; blr x8;
I added this address to the base address of libhwui.so (0x7710ddd000). I also got the sy…
-
The command:
```
ropper --chain="execve" --badbytes 000a0d --file ./heap0_static
```
The error:
```
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/ropper/ropchain/arch/r…
```
-
Currently when looking for rop gadgets I have to often go back and forth and check whether the address of the gadget is actually executable in the debugger. I don't know if there's an easier way but c…
-
Hello there,
I'm trying to reproduce this exploit but it is not really working. I tried it using Debian and Ubuntu with old kernel versions (5.10.0 and 5.10.0) but I can't exploit the system.
I …
-
Dear Siguza, thank you for this project!
For me now it's time to move from iOS 9.0.2 to 12.1 on my iPad Air 2 after it's finally jailbroken.
Unfortunately I wasn't able to set the nonce.
At first c…
-
## Environment
```
Thu 20 Oct 2022 10:27:04 AM EDT
radare2 5.7.9 29128 @ linux-x86-64 git.5.7.8-260-gccbd36e88
commit: ccbd36e8853afdee48c7d6d37a66c17b85c97698 build: 2022-10-07__01:04:35
Linux x…