one_gadget 1.3.2 → 1.3.3
- checksums.yaml +4 -4
- data/README.md +2 -2
- data/bin/one_gadget +1 -1
- data/lib/one_gadget/fetchers/i386.rb +3 -2
- data/lib/one_gadget/helper.rb +6 -7
- data/lib/one_gadget/version.rb +1 -1
- metadata +16 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 46423a7d1fbe920deb0a0c86e877395c28a26516
|
4
|
+
data.tar.gz: 37ad2dba4c8bcd0350e7e5c30abc58780ebc59c8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3f7b28afa0e63fedd2cb5c052775025dbae9a5325686aaaa0f648851ca2ae925f97d9221fb56cffabcaf6fd186328e6eab2103b07a51ee0b8d2a55f8e4af24ed
|
7
|
+
data.tar.gz: 0e58a88ad35c44aebbfc816d15ad9fab1fd08231ed87809fa90f49d7d90c35f2356658904a5b4b96b15fc35e31a005c35bf9b6c05bb996b409d3462255073f02
|
data/README.md
CHANGED
@@ -8,11 +8,11 @@
|
|
8
8
|
|
9
9
|
## One Gadget
|
10
10
|
|
11
|
-
When playing ctf pwn challenges we usually
|
11
|
+
When playing ctf pwn challenges we usually need the one-gadget of `execve('/bin/sh', NULL, NULL)`.
|
12
12
|
|
13
13
|
This gem provides such gadget finder, no need to use IDA-pro every time like a fool.
|
14
14
|
|
15
|
-
|
15
|
+
This work provides the command-line tool `one_gadget` for easy usage.
|
16
16
|
|
17
17
|
Note: Supports amd64 and i386!
|
18
18
|
|
data/bin/one_gadget
CHANGED
@@ -1,5 +1,6 @@
|
|
1
1
|
require 'one_gadget/fetchers/base'
|
2
2
|
require 'one_gadget/emulators/i386'
|
3
|
+
require 'elftools'
|
3
4
|
|
4
5
|
module OneGadget
|
5
6
|
module Fetcher
|
@@ -109,9 +110,9 @@ module OneGadget
|
|
109
110
|
end
|
110
111
|
|
111
112
|
def rw_offset
|
113
|
+
elf = ELFTools::ELFFile.new(File.open(file))
|
112
114
|
# How to find this offset correctly..?
|
113
|
-
|
114
|
-
line.scan(/0x[\da-f]+/).last.to_i(16) & -0x1000
|
115
|
+
elf.segment_by_type(:dynamic).tag_by_type(:pltgot).header.d_val & -0x1000
|
115
116
|
end
|
116
117
|
|
117
118
|
def should_null(str)
|
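Review bot: `rw_offset` (new line 113) opens `file` with `File.open` and never closes it, and the chain `elf.segment_by_type(:dynamic).tag_by_type(:pltgot)` raises `NoMethodError` on nil when the binary has no dynamic segment or no `DT_PLTGOT` entry, a case the removed `line.scan(...).last.to_i(16)` would also have failed on, only with a different error. A block form such as `File.open(file) { |f| ELFTools::ELFFile.new(f).segment_by_type(:dynamic).tag_by_type(:pltgot).header.d_val & -0x1000 }` releases the descriptor, assuming elftools reads the segment inside the block, and a nil check on the segment or tag with an explicit error message would make failure on unsupported binaries clearer. The retained comment `# How to find this offset correctly..?` now sits above a concrete computation; consider replacing it with one that states what is computed, e.g. `# page-aligned DT_PLTGOT address, presumably the start of the RW data segment — confirm`. This section is labelled data/bin/one_gadget, but the diffstat attributes +3/-2 to data/lib/one_gadget/fetchers/i386.rb and the hunk context (`module Fetcher`, `rw_offset`) matches the latter, so the header may be mislabelled on this page. `rw_offset` lives inside `module OneGadget`/`module Fetcher`, whose definitions extend outside the hunk.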
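--- a/data/lib/one_gadget/helper.rb
+++ b/data/lib/one_gadget/helper.rb
@@ -1,8 +1,9 @@
-require '
-require 'shellwords'
+require 'elftools'
 require 'net/http'
 require 'openssl'
+require 'pathname'
 require 'tempfile'
+
 require 'one_gadget/logger'
 
 module OneGadget
@@ -28,10 +29,7 @@ module OneGadget
 # build_id_of('/lib/x86_64-linux-gnu/libc-2.23.so')
 # #=> '60131540dadc6796cab33388349e6e4e68692053'
 def build_id_of(path)
-
-bid = `#{cmd}`.scan(/Build ID: (#{BUILD_ID_FORMAT})$/).first
-return nil if bid.nil?
-bid.first
+ELFTools::ELFFile.new(File.open(path)).build_id
 end
 
 # Disable colorize
@@ -131,9 +129,10 @@ module OneGadget
 # @return [String]
 # Only supports :amd64, :i386 now.
 def architecture(file)
-str =
+str = ELFTools::ELFFile.new(File.open(file)).machine
 return :amd64 if str.include?('X86-64')
 return :i386 if str.include?('Intel 80386')
+rescue ELFTools::ELFError # not a valid ELF
 :unknown
 end
 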
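Review bot: `build_id_of` (new line 32) now lets `ELFTools::ELFError` propagate for a non-ELF path, whereas the removed lines returned nil when no Build ID was found; `architecture` in the third hunk gains `rescue ELFTools::ELFError`, but this method does not, so callers that test the result for nil will instead get an exception. Both methods also call `ELFTools::ELFFile.new(File.open(...))` without closing the handle; the block form `File.open(path) { |f| ELFTools::ELFFile.new(f).build_id }` releases the descriptor, assuming elftools reads what it needs within the block. The new `rescue ELFTools::ELFError` in `architecture` does not cover `Errno::ENOENT` or `Errno::EACCES` raised by `File.open` on a missing or unreadable path, so a bad `file` argument still raises rather than returning `:unknown`; if that is intended, a one-line comment next to the rescue would make it clear. With the backtick invocation gone, `BUILD_ID_FORMAT` may no longer be referenced in this file; worth checking before it becomes dead code. Both methods sit inside `module OneGadget`, whose body extends outside these hunks.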
data/lib/one_gadget/version.rb
CHANGED
metadata
CHANGED
@@ -1,15 +1,29 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: one_gadget
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.3.
|
4
|
+
version: 1.3.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- david942j
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-03-
|
11
|
+
date: 2017-03-16 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: elftools
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '0'
|
13
27
|
- !ruby/object:Gem::Dependency
|
14
28
|
name: rspec
|
15
29
|
requirement: !ruby/object:Gem::Requirement
|