Boyan-MILANOV / ropium

ROPium is a tool that helps you building ROP exploits by finding and chaining gadgets together

Adding support for return 2 csu #26

Closed cothan closed 3 years ago

cothan commented 4 years ago

Support for return2csu

I think this is fairly simple: we need ROPgadget to search for a ROP chain in the sym.libc_csu_init and sym.libc_csu_fini sections, so that the ROP chain will be taken into account.

Boyan-MILANOV commented 4 years ago

Hey,

I didn't really understand the nature of the issue.

ROPium is a gadget analyzer and chainer, but it doesn't collect gadgets by itself. To do so it uses the gadget finder ROPgadget. If you noticed that ROPgadget doesn't collect gadgets from certain sections containing executable code, then it is a ROPgadget issue, not a ROPium one, isn't it?

cothan commented 4 years ago

Yes, it's a ROPgadget issue; I think it could be marked as an enhancement for ropium.