-
I try to use the ret2dlresolve technique but it doesn't seem to work properly. Very often I get the error message:
Inconsistency detected by ld.so: dl-runtime.c: 63: _dl_fixup: Assertion `ELFW(R_TYPE)…
-
Lots of people here are interested in handling async/await in conjunction with signals. Some approaches that have been suggested:
- @modderme123's Bubble reactivity uses something like React Suspens…
-
### Description
It looks like angrop discards gadgets that have a stack shift > 0x100 bytes (MAX_PIVOT_BYTES).
In two recent projects, I have found it necessary to jump to a distant portion of the…
-
### Description
Calling CreateJVM function through interop crashes.
### Reproduction Steps
See provided sample.
### Expected behavior
Using interop to create a java runtime should not c…
-
### Description
While using angrop on x86, a syscall gadget containing the x86_64 syscall instruction was identified for use in an example rop chain. The x86_64 syscall instruction is not valid …
-
### Description
angrop assumes that "pop ds; ret;" gadgets are acceptable for shifting 8 bytes on the stack. This is a bad assumption, and causes failed chains.
The below is the output of the incl…
-
### Description
`do_syscall` does not work with the [blob backend](https://docs.angr.io/en/latest/core-concepts/loading.html#backends) anymore.
### Steps to reproduce the bug
Consider this minimal …
-
### Description
I have run into an issue with long rop chains where calling chain.payload_str() receives a timeout.
```
[angrop] Timeout
```
This is due to the hard coded timeout [here](https:/…
-
### Description
When testing Ubuntu i386 libc for add_to_mem, I get the following error:
```
Traceback (most recent call last):
File "test.py", line 61, in
rop.add_to_mem(0xdeadbeef, 0…
```
-
### Description
As of this [commit](https://github.com/angr/angrop/commit/1a0b0fdb3d7d1b66df8793a339df9d0da42d598c), func_call in arm is misbehaving.
Prior to that commit, func_call was working as …