Roman/HackingScripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

setRegisters

Browse Source
This commit is contained in:
Roman Hergenreder 2020-08-06 18:38:40 +02:00
parent 7300bbf361
commit 8dcb41a838
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
util.py
View File

@ -70,9 +70,8 @@ class Stack:
return addr return addr
def genSyscall(elf, syscall, registers): def setRegisters(elf, registers):
rop = ROP(elf) rop = ROP(elf)
registers["rax"] = syscall
for t in rop.setRegisters(registers): for t in rop.setRegisters(registers):
value = t[0] value = t[0]
gadget = t[1] gadget = t[1]
@ -83,7 +82,11 @@ def genSyscall(elf, syscall, registers):
rop.raw(registers[reg]) rop.raw(registers[reg])
else: else:
rop.raw(0) rop.raw(0)
return rop
def genSyscall(elf, syscall, registers):
registers["rax"] = syscall
rop = setRegisters(elf, registers)
syscall_gadget = "syscall" if elf.arch == "amd64" else "int 0x80" syscall_gadget = "syscall" if elf.arch == "amd64" else "int 0x80"
rop.raw(rop.find_gadget([syscall_gadget]).address) rop.raw(rop.find_gadget([syscall_gadget]).address)
return rop return rop