Boyan-MILANOV / ropium

ROPium is a tool that helps you building ROP exploits by finding and chaining gadgets together

Exploit mode #25

Closed nurmukhametov closed 4 years ago

nurmukhametov commented 4 years ago

There was exploit mode in the previous version. What can I use now to construct a syscall ropchain as before?

exploit
syscall -c LINUX execve("/bin/sh\x00", 0, 0) -f python
Boyan-MILANOV commented 4 years ago

Hey, yes, as you saw the tool changed quite a lot and I didn't add syscall support in the new version yet. However, I'm working on it and it should be added soon :)

Boyan-MILANOV commented 4 years ago

It is now possible to find ropchains for syscalls by specifying the name or the number with the "sys_" prefix. Arguments can be registers or constants:

find sys_execve(0x123456, 0, 0)
find sys_0xb(edx, 0, 0)

So far only Linux syscalls are supported, Windows inline syscalls are more tricky. Don't forget to specify the target system before searching syscalls with:

os set LINUX
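As an added illustration of the query syntax described in this reply (not part of ROPium itself), the following parser resolves a `sys_<name|number>(arg, ...)` query the way a user would expect: it accepts either the syscall name or its number, classifies each argument as a register or a constant, checks the argument count against the syscall's arity, and refuses anything other than the Linux target. The syscall table below is a small hand-picked subset of the Linux x86 (32-bit) table, which is the one where `execve` is number 0xb as in the example above; the register set, function and error messages are all assumptions made for this example.

```python
import re

# Constructed subset of the Linux x86 (32-bit) syscall table for this example:
# name -> (number, argument count). execve is 0xb here, matching "sys_0xb" above.
LINUX_X86_SYSCALLS = {
    "exit": (0x1, 1),
    "read": (0x3, 3),
    "write": (0x4, 3),
    "open": (0x5, 3),
    "execve": (0xb, 3),
    "mprotect": (0x7d, 3),
}

# 32-bit general-purpose registers a query may pass as arguments (assumed set).
X86_REGS = {"eax", "ebx", "ecx", "edx", "esi", "edi", "ebp", "esp"}

# Optional "find " prefix, then sys_<target>(<comma-separated args>).
QUERY_RE = re.compile(r"^\s*(?:find\s+)?sys_(\w+)\s*\((.*)\)\s*$")
NUM_RE = re.compile(r"0[xX][0-9a-fA-F]+|\d+")


def _to_int(text):
    # Accept hex with a 0x prefix or plain decimal (int(x, 0) rejects "0123").
    return int(text, 16) if text.lower().startswith("0x") else int(text, 10)


def parse_syscall_query(query, os_name="LINUX"):
    """Return (number, name, args) for a query; args are ('reg', name) or ('const', value)."""
    if os_name != "LINUX":
        raise ValueError("only Linux syscalls are supported; run 'os set LINUX' first")
    m = QUERY_RE.match(query)
    if not m:
        raise ValueError(f"malformed syscall query: {query!r}")
    target, arglist = m.groups()
    if NUM_RE.fullmatch(target):
        number = _to_int(target)
        name = next((n for n, (num, _) in LINUX_X86_SYSCALLS.items() if num == number), None)
    else:
        name = target if target in LINUX_X86_SYSCALLS else None
        number = LINUX_X86_SYSCALLS[name][0] if name else None
    if name is None:
        raise ValueError(f"unknown syscall: {target!r}")
    args = []
    for raw in ([a.strip() for a in arglist.split(",")] if arglist.strip() else []):
        if raw in X86_REGS:
            args.append(("reg", raw))
        elif NUM_RE.fullmatch(raw):
            args.append(("const", _to_int(raw)))
        else:
            raise ValueError(f"argument {raw!r} is neither a register nor a constant")
    expected = LINUX_X86_SYSCALLS[name][1]
    if len(args) != expected:
        raise ValueError(f"{name} takes {expected} arguments, got {len(args)}")
    return number, name, args
```

Both queries from the reply resolve to the same syscall (execve, 0xb); only the first argument differs in kind.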