ROPInjector - Patching ROP-encoded shellcode into PEs.

ROPInjector is a tool written in C (Win32) that converts any shellcode into ROP and patches it into a given portable executable (PE). It supports only 32-bit target PEs and the x86 instruction set.
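The sentence above states the tool's precondition: the carrier must be a 32-bit x86 PE. The following is an added example, not code from the ROPInjector project, that performs that check from a triage or analysis perspective by reading the PE headers and classifying the file as PE32/i386, PE32+/x64 or something else. It relies only on the documented PE header layout (the `e_lfanew` pointer at offset 0x3C, the COFF header's `Machine` field and the optional header's `Magic` field); the `build_minimal_header` helper and its sample values are constructed here for a self-contained run and do not produce a loadable binary.

```python
"""Classify a PE by the header fields that decide whether it is the
32-bit x86 (PE32, i386) format a PE-patching tool such as ROPInjector
can work on.  Added example; not part of the ROPInjector project."""
import struct
import sys

# Documented PE header constants (IMAGE_FILE_MACHINE_* and optional-header magic).
IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_FILE_MACHINE_AMD64 = 0x8664
PE32_MAGIC = 0x010B
PE32PLUS_MAGIC = 0x020B

# Sizes used for bounds checks: "PE\0\0" (4) + COFF header (20) + Magic (2).
COFF_HEADER_FMT = "<HHIIIHH"
COFF_HEADER_SIZE = struct.calcsize(COFF_HEADER_FMT)  # 20 bytes
MIN_NT_HEADERS = 4 + COFF_HEADER_SIZE + 2


def classify_pe(data: bytes) -> str:
    """Return 'pe32-x86', 'pe32plus-x64', 'other' or 'not-pe' for raw file bytes."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return "not-pe"
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + MIN_NT_HEADERS > len(data):
        return "not-pe"  # truncated or bogus e_lfanew
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return "not-pe"
    machine, _nsect, _ts, _psym, _nsym, opt_size, _chars = struct.unpack_from(
        COFF_HEADER_FMT, data, e_lfanew + 4)
    if opt_size < 2:
        return "other"  # no optional header to read a Magic from
    (magic,) = struct.unpack_from("<H", data, e_lfanew + 4 + COFF_HEADER_SIZE)
    if machine == IMAGE_FILE_MACHINE_I386 and magic == PE32_MAGIC:
        return "pe32-x86"
    if machine == IMAGE_FILE_MACHINE_AMD64 and magic == PE32PLUS_MAGIC:
        return "pe32plus-x64"
    return "other"  # e.g. ARM targets or an inconsistent machine/magic pair


def is_supported_carrier(data: bytes) -> bool:
    """True only for the 32-bit x86 PEs the page says the tool supports."""
    return classify_pe(data) == "pe32-x86"


def build_minimal_header(machine: int, magic: int) -> bytes:
    """Constructed header bytes for testing (not a loadable executable)."""
    e_lfanew = 0x80
    dos = bytearray(b"MZ" + b"\0" * 0x3E)          # 0x40-byte DOS header
    struct.pack_into("<I", dos, 0x3C, e_lfanew)    # pointer to "PE\0\0"
    dos += b"\0" * (e_lfanew - len(dos))           # DOS stub padding
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    coff = struct.pack(COFF_HEADER_FMT, machine, 1, 0, 0, 0, 0xE0, 0x0102)
    optional = struct.pack("<H", magic) + b"\0" * 0xDE  # Magic + padding to 0xE0
    return bytes(dos) + b"PE\0\0" + coff + optional


if __name__ == "__main__":
    if len(sys.argv) == 2:
        with open(sys.argv[1], "rb") as fh:
            print(classify_pe(fh.read()))
    else:
        # Constructed samples: one supported carrier, one 64-bit file, one junk blob.
        print(classify_pe(build_minimal_header(IMAGE_FILE_MACHINE_I386, PE32_MAGIC)))
        print(classify_pe(build_minimal_header(IMAGE_FILE_MACHINE_AMD64, PE32PLUS_MAGIC)))
        print(classify_pe(b"not a PE at all"))
```

Run it with a file path to classify a real executable, or with no arguments to exercise the constructed samples. The classifier deliberately returns `other` for a mismatched machine/magic pair rather than trusting either field alone, since hand-edited headers are exactly what a patching tool leaves behind.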

At the end of a run, ROPInjector prints a line of comma-delimited statistics. These are, in order of appearance:
+ the carrier PE filename
+ the output filename of the resulting patched file
+ initial size of the PE file in bytes
+ shellcode size in bytes
+ patch size in bytes
+ whether unrolling is performed
+ whether shellcode has been converted to ROP
+ whether getPC constructs are replaced in the shellcode
+ whether control is given to the shellcode on entry (run first) or on exit (run last)
+ the delay, in seconds, that the shellcode sleeps before it runs
+ initial number of instructions in the shellcode
+ number of instructions in the shellcode after unrolling and other manipulations, but before ROP
+ number of instructions replaced by ROP gadgets (out of the ones in the previous metric, and not the initial number of instructions)
+ number of gadgets injected
+ number of gadget segments
+ number of instructions replaced by injected gadgets

ROPInjector

Dependencies:
+ Visual Studio 2013 or Higher

Usage:

Source: https://github.com/gpoulios