ropgenerator v2.0 releases: building ROP exploits

ROPGenerator

ROPGenerator is a tool that makes ROP exploits easy. It enables you to automatically find gadgets or build ROP chains. The current version supports x86 and x64 binaries.

It uses ROPgadget to extract gadgets from binaries and the barf-project to disassemble them. After the gadgets are extracted, it analyzes them to compute their semantics and stores them according to their usefulness. Once the analysis is done, you can ask ROPGenerator to find gadgets or ROP chains automatically by supplying semantic queries.

It is written in Python. The tool has Python 2-only dependencies, so it runs under Python 2 so far.

The tool is developed to achieve two main tasks:

  • Find gadgets easily: you specify the semantic operation you want to perform and ROPGenerator automatically finds suitable gadgets and/or ROP chains
  • Build exploits automatically: you can create a full exploit using the built-in exploit and payload-delivery strategies

Why use ROPGenerator?

  • Nice Command Line Interface: Enjoy a nice and smooth CLI with easy-to-use commands
  • Semantic gadget search: Find your gadgets quickly by only specifying the desired semantics
  • Gadget chaining engine: No suitable single gadget? ROPGenerator will build ROP chains for you
  • Fully automated exploit building: ROPGenerator can build entire exploits… all by itself!

Changelog v2.0

Rewrite all core modules in C++
– Optimize IR
– Better symbolic execution
– Better symbolic simplifications
– Faster chaining engine
– More chaining strategies
– Better constraint solving

Switch to python3

Install

git clone https://github.com/Boyan-MILANOV/ropgenerator.git
cd ropgenerator && python setup.py install

Use

  • Launch
  • Get help
  • Load gadgets from a binary
  • Easily look for gadgets!
  • Automatically generate exploits!

Tutorial

Copyright (c) 2018 Boyan MILANOV

Source: https://github.com/Boyan-MILANOV/
