OneGadget v1.7.2 releases: The best tool for finding one gadget RCE
When playing CTF pwn challenges, we usually need a one-gadget RCE (remote code execution), which leads to a call to execve('/bin/sh', NULL, NULL).
This gem provides a finder for such gadgets, so there is no need to use objdump or IDA Pro every time like a fool.
To use this tool, type
one_gadget /path/to/libc on the command line and enjoy the magic.
- Added --near option (#76), thanks @umutoztunc!
- Changed target Ruby version to >= 2.3
- Added two libc builds from the latest Ubuntu 16.04
$ gem install one_gadget
OneGadget uses symbolic execution to find the constraints that must hold for each gadget to succeed.
Show All Gadgets
one_gadget finds too many gadgets to show on one screen, so by default the gadgets are filtered automatically according to the difficulty of their constraints.
Use --level 1 to show all gadgets found instead of only those with higher probabilities.
Copyright (c) 2017 david942j