Rop v-2.1 released : A tool to help you write binary exploits.

0x0mar / April 5, 2015 / Comments Off / Exploits

rop-tool v2.1 (2015-04-05):
– Renamed the project to rop-tool
– Handle Mach-O file format
– –all option added to “gadget” command, to get no-uniq gadgets
– New command : patch, for patching binaries
– New command : info, to get information about a file
– Handle AMD64 PE files as x86-64 binaries
– Fix a bug when opening big endian ELF
– Provide static binaries in releases

ropc is A tool to help you writing binary exploits.

Example ropc :
A tool to help you writing binary exploits

FEATURES :
+ String searching, Gadget searching
+ Colored output
+ Intel and AT&T flavor
+ Support of ELF and PE binary format
+ Support of big and little endian
+ Support of x86 and x86_64 architecture

Usage :

Usage: rop <cmd> [OPTIONS]

Commands :
   gadget      Search gadgets
   search      Search on binary
   help        Print help
   version     Print version

Try "ropc help <cmd>" for more informations about a command.

Usage : ropc gadget [OPTIONS] [FILENAME]

OPTIONS:
  --arch, -A               Select an architecture (in raw mode only)
  --all, -a                Print all gadgets
  --bad, -B           [b]  Specify bad chars in address
  --depth, -d         [d]  Specify the depth for gadget searching (default is 5)
  --flavor, -f        [f]  Select a flavor (att or intel)
  --help, -h               Print this help message
  --no-color, -n           Don't colorize output
  --raw, -r                Open file in raw mode (don't considere any file format)

Usage : rop search [OPTIONS] [FILENAME]

OPTIONS:
  --all-string, -a    [n]  Search all printable strings of at least [n] caracteres. (default is 6)
  --byte, -b          [b]  Search the byte [b] in binary
  --bad, -B           [b]  Specify bad chars in address
  --dword, -d         [d]  Search the dword [d] in binary
  --help, -h               Print this help message
  --no-color, -n           Don't colorize output
  --qword, -q         [q]  Search the qword [q] in binary
  --raw, -r                Open file in raw mode (don't considere any file format)
  --split-string, -s  [s]  Search a string "splited" in memory (which is not contiguous in memory)
  --string, -S        [s]  Search a string (a byte sequence) in binary
  --word, -w          [w]  Search the word [w] in binary

Usage: rop <cmd> [OPTIONS]

Commands :

gadget Search gadgets

search Search on binary

help Print help

version Print version

Try "ropc help <cmd>" for more informations about a command.

Usage : ropc gadget [OPTIONS] [FILENAME]

OPTIONS:

--arch, -A Select an architecture (in raw mode only)

--all, -a Print all gadgets

--bad, -B [b] Specify bad chars in address

--depth, -d [d] Specify the depth for gadget searching (default is 5)

--flavor, -f [f] Select a flavor (att or intel)

--help, -h Print this help message

--no-color, -n Don't colorize output

--raw, -r Open file in raw mode (don't considere any file format)

Usage : rop search [OPTIONS] [FILENAME]

OPTIONS:

--all-string, -a [n] Search all printable strings of at least [n] caracteres. (default is 6)

--byte, -b [b] Search the byte [b] in binary

--bad, -B [b] Specify bad chars in address

--dword, -d [d] Search the dword [d] in binary

--help, -h Print this help message

--no-color, -n Don't colorize output

--qword, -q [q] Search the qword [q] in binary

--raw, -r Open file in raw mode (don't considere any file format)

--split-string, -s [s] Search a string "splited" in memory (which is not contiguous in memory)

--string, -S [s] Search a string (a byte sequence) in binary

--word, -w [w] Search the word [w] in binary

Download :
rop-tool-Linux-i686
rop-tool-Linux-x86_64
Source : https://t0x0sh.org/

Tags: elf, msfpayload, PE Library, PE(Portable Executable)

Archives

Rop v-2.1 released : A tool to help you write binary exploits.