Does ROPgadget support analysis of raw binary image?

[omicronns]

I'm trying to analyze raw binary image dumped from an embedded device - system memory from STM32 microcontroller. Does ROPgadget support this format? How to enable it?

Help says it is supported:

formats supported:
  - ELF
  - PE
  - Mach-O
  - Raw

But when I try to execute it I'm getting an error:

ROPgadget --thumb --rawArch arm --binary stm32_sysmem.bin 
[Error] Binary format not supported

[SweetVishnya]

Yes, ROPgadget supports raw binaries. Do you use latest ROPgadget version?

[omicronns]

I'm using Manjaro linux repository version:

ROPgadget --version
Version:        ROPgadget v6.6
Author:         Jonathan Salwan
Author page:    https://twitter.com/JonathanSalwan
Project page:   http://shell-storm.org/project/ROPgadget

[omicronns]

It works with following command line:

ROPgadget --rawArch arm --rawMode thumb --rawEndian little --binary stm32_sysmem.bin 

Not sure what --thumb switch does then.

[SweetVishnya]

--thumb should do the same as --rawMode thumb:

https://github.com/JonathanSalwan/ROPgadget/blob/master/ropgadget/gadgets.py#L261

[SweetVishnya]

I reproduced an issue:

ROPgadget --binary test-suite-binaries/raw-x86.raw --rawArch arm --thumb        
[Error] Binary format not supported

This seems to be a bug. Looking deeper to fix it.

[omicronns]

Maybe solution is just to remove this switch? It's seems a bit redundant.

[SweetVishnya]

I am already writing a fix to support both ways

[SweetVishnya]

--thumb option is actually useful to search for thumb gadgets in ELF binary.

[SweetVishnya]

Now fixes are in mater and specifying either --thumb or --rawMode thumb is possible.