OneGadget v1.7.4 releases: The best tool for finding one gadget RCE
When playing CTF pwn challenges we usually need a one-gadget RCE (remote code execution), a gadget that leads to a call of execve('/bin/sh', NULL, NULL).
This gem provides such a gadget finder, so there is no need to use objdump or IDA Pro every time like a fool.
To use this tool, type one_gadget /path/to/libc in the command line and enjoy the magic.
- Fix missing gadgets when two gadgets are too close (#122)
- Use strict keyword arguments representation for Ruby 2.8 (#127)
  - to suppress the "Using the last argument as keyword parameters is deprecated" warning since Ruby 2.7
- Add writable constraints to x86 archs (#156)
- Add libc-2.29, 2.30, 2.31, and 2.32 builds
$ gem install one_gadget
OneGadget uses symbolic execution to find the constraints each gadget needs in order to succeed.
Show All Gadgets
one_gadget finds too many gadgets to show on one screen, so by default gadgets are filtered automatically according to the difficulty of their constraints.
Use --level 1 to show all gadgets found instead of only those with a higher probability of success.
Copyright (c) 2017 david942j