rex-rop_builder 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 7bc2354d88b4f91955160ec7f9105e8108026b61
4
+ data.tar.gz: 937e2285bd4255995307f85d77f06e7ddd399fe2
5
+ SHA512:
6
+ metadata.gz: 847e25734d93938aadbc2a84111a876e703ea770073e9164e0b20603f993b0c7c64bd3e38a7a60acf41ef3f8ea215f5093e6cb171eae892f380532f913a223b7
7
+ data.tar.gz: 25ecb9cc8dca756392349bd16bf5e97f4f55d837a71aeadddad643a27f0d6ba65e58faeadc996eac49238c968e77a7f7cd12cb9a613f5ff113670f316975b8c8
checksums.yaml.gz.sig ADDED
Binary file
data.tar.gz.sig ADDED
Binary file
data/.gitignore ADDED
@@ -0,0 +1,9 @@
1
+ /.bundle/
2
+ /.yardoc
3
+ /Gemfile.lock
4
+ /_yardoc/
5
+ /coverage/
6
+ /doc/
7
+ /pkg/
8
+ /spec/reports/
9
+ /tmp/
data/.rspec ADDED
@@ -0,0 +1,2 @@
1
+ --format documentation
2
+ --color
data/.travis.yml ADDED
@@ -0,0 +1,5 @@
1
+ sudo: false
2
+ language: ruby
3
+ rvm:
4
+ - 2.3.1
5
+ before_install: gem install bundler -v 1.12.5
@@ -0,0 +1,49 @@
1
+ # Contributor Code of Conduct
2
+
3
+ As contributors and maintainers of this project, and in the interest of
4
+ fostering an open and welcoming community, we pledge to respect all people who
5
+ contribute through reporting issues, posting feature requests, updating
6
+ documentation, submitting pull requests or patches, and other activities.
7
+
8
+ We are committed to making participation in this project a harassment-free
9
+ experience for everyone, regardless of level of experience, gender, gender
10
+ identity and expression, sexual orientation, disability, personal appearance,
11
+ body size, race, ethnicity, age, religion, or nationality.
12
+
13
+ Examples of unacceptable behavior by participants include:
14
+
15
+ * The use of sexualized language or imagery
16
+ * Personal attacks
17
+ * Trolling or insulting/derogatory comments
18
+ * Public or private harassment
19
+ * Publishing other's private information, such as physical or electronic
20
+ addresses, without explicit permission
21
+ * Other unethical or unprofessional conduct
22
+
23
+ Project maintainers have the right and responsibility to remove, edit, or
24
+ reject comments, commits, code, wiki edits, issues, and other contributions
25
+ that are not aligned to this Code of Conduct, or to ban temporarily or
26
+ permanently any contributor for other behaviors that they deem inappropriate,
27
+ threatening, offensive, or harmful.
28
+
29
+ By adopting this Code of Conduct, project maintainers commit themselves to
30
+ fairly and consistently applying these principles to every aspect of managing
31
+ this project. Project maintainers who do not follow or enforce the Code of
32
+ Conduct may be permanently removed from the project team.
33
+
34
+ This code of conduct applies both within project spaces and in public spaces
35
+ when an individual is representing the project or its community.
36
+
37
+ Instances of abusive, harassing, or otherwise unacceptable behavior may be
38
+ reported by contacting a project maintainer at DMaloney@rapid7.com. All
39
+ complaints will be reviewed and investigated and will result in a response that
40
+ is deemed necessary and appropriate to the circumstances. Maintainers are
41
+ obligated to maintain confidentiality with regard to the reporter of an
42
+ incident.
43
+
44
+ This Code of Conduct is adapted from the [Contributor Covenant][homepage],
45
+ version 1.3.0, available at
46
+ [http://contributor-covenant.org/version/1/3/0/][version]
47
+
48
+ [homepage]: http://contributor-covenant.org
49
+ [version]: http://contributor-covenant.org/version/1/3/0/
data/Gemfile ADDED
@@ -0,0 +1,4 @@
1
+ source 'https://rubygems.org'
2
+
3
+ # Specify your gem's dependencies in rex-rop_builder.gemspec
4
+ gemspec
data/README.md ADDED
@@ -0,0 +1,31 @@
1
+ # Rex::RopBuilder
2
+
3
+ This is the Ruby Exploitation(Rex) Library for building ROP chains. It also comes with the msfrop command line tool.
4
+
5
+ ## Installation
6
+
7
+ Add this line to your application's Gemfile:
8
+
9
+ ```ruby
10
+ gem 'rex-rop_builder'
11
+ ```
12
+
13
+ And then execute:
14
+
15
+ $ bundle
16
+
17
+ Or install it yourself as:
18
+
19
+ $ gem install rex-rop_builder
20
+
21
+
22
+ ## Development
23
+
24
+ After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
25
+
26
+ To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
27
+
28
+ ## Contributing
29
+
30
+ Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/rex-rop_builder. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
31
+
data/Rakefile ADDED
@@ -0,0 +1,6 @@
1
+ require "bundler/gem_tasks"
2
+ require "rspec/core/rake_task"
3
+
4
+ RSpec::Core::RakeTask.new(:spec)
5
+
6
+ task :default => :spec
data/bin/console ADDED
@@ -0,0 +1,14 @@
1
+ #!/usr/bin/env ruby
2
+
3
+ require "bundler/setup"
4
+ require "rex/rop_builder"
5
+
6
+ # You can add fixtures and/or initialization code here to make experimenting
7
+ # with your gem easier. You can also use a different console, if you like.
8
+
9
+ # (If you use this, don't forget to add pry to your Gemfile!)
10
+ # require "pry"
11
+ # Pry.start
12
+
13
+ require "irb"
14
+ IRB.start
data/bin/msfrop ADDED
@@ -0,0 +1,159 @@
1
+ #!/usr/bin/env ruby
2
+ # -*- coding: binary -*-
3
+ #
4
+ # $Id$
5
+ #
6
+ # This tool will collect, export, and import ROP gadgets
7
+ # from various file formats (PE, ELF, Macho)
8
+ # $Revision$
9
+ #
10
+
11
+ require 'rex/rop_builder'
12
+ require 'rex/text/color'
13
+ require 'optparse'
14
+
15
+ def opt2i(o)
16
+ o.index("0x")==0 ? o.hex : o.to_i
17
+ end
18
+
19
+ opts = {}
20
+ color = true
21
+
22
+ opt = OptionParser.new
23
+ opt.banner = "Usage #{$PROGRAM_NAME} <option> [targets]"
24
+ opt.separator('')
25
+ opt.separator('Options:')
26
+
27
+ opt.on('-d', '--depth [size]', 'Number of maximum bytes to backwards disassemble from return instructions') do |d|
28
+ opts[:depth] = opt2i(d)
29
+ end
30
+
31
+ opt.on('-s', '--search [regex]', 'Search for gadgets matching a regex, match intel syntax or raw bytes') do |regex|
32
+ opts[:pattern] = regex
33
+ end
34
+
35
+ opt.on('-n', '--nocolor', 'Disable color. Useful for piping to other tools like the less and more commands') do
36
+ color = false
37
+ end
38
+
39
+ opt.on('-x', '--export [filename]', 'Export gadgets to CSV format') do |csv|
40
+ opts[:export] = csv
41
+ end
42
+
43
+ opt.on('-i', '--import [filename]', 'Import gadgets from previous collections') do |csv|
44
+ opts[:import] = csv
45
+ end
46
+
47
+ opt.on('-v', '--verbose', 'Output very verbosely') do
48
+ opts[:verbose] = true
49
+ end
50
+
51
+ opt.on_tail('-h', '--help', 'Show this message') do
52
+ puts opt
53
+ exit
54
+ end
55
+
56
+ begin
57
+ opt.parse!
58
+ rescue OptionParser::InvalidOption
59
+ puts "Invalid option, try -h for usage"
60
+ exit(1)
61
+ end
62
+
63
+ if opts.empty? and (ARGV.empty? or ARGV.nil?)
64
+ puts "no options"
65
+ puts opt
66
+ exit(1)
67
+ end
68
+
69
+ # set defaults
70
+ opts[:depth] ||= 5
71
+
72
+ gadgets = []
73
+
74
+ if opts[:import].nil?
75
+ files = []
76
+ ARGV.each do |file|
77
+ if(File.directory?(file))
78
+ dir = Dir.open(file)
79
+ dir.entries.each do |ent|
80
+ path = File.join(file, ent)
81
+ next if not File.file?(path)
82
+ files << File.join(path)
83
+ end
84
+ else
85
+ files << file
86
+ end
87
+ end
88
+
89
+ ropbuilder = Rex::RopBuilder::RopCollect.new
90
+
91
+ files.each do |file|
92
+ ret, retn = []
93
+ ropbuilder = Rex::RopBuilder::RopCollect.new(file)
94
+ ropbuilder.print_msg("Collecting gadgets from %bld%cya#{file}%clr\n", color)
95
+ retn = ropbuilder.collect(opts[:depth], "\xc2") # retn
96
+ ret = ropbuilder.collect(opts[:depth], "\xc3") # ret
97
+ ropbuilder.print_msg("Found %grn#{ret.count + retn.count}%clr gadgets\n\n", color)
98
+
99
+ # compile a list of all gadgets from all files
100
+ ret.each do |gadget|
101
+ gadgets << gadget
102
+ if opts[:verbose]
103
+ ropbuilder.print_msg("#{gadget[:file]} gadget: %bld%grn#{gadget[:address]}%clr\n", color)
104
+ ropbuilder.print_msg("#{gadget[:disasm]}\n", color)
105
+ end
106
+ end
107
+
108
+ retn.each do |gadget|
109
+ gadgets << gadget
110
+ if opts[:verbose]
111
+ ropbuilder.print_msg("#{gadget[:file]} gadget: %bld%grn#{gadget[:address]}%clr\n", color)
112
+ ropbuilder.print_msg("#{gadget[:disasm]}\n", color)
113
+ end
114
+ end
115
+
116
+ end
117
+
118
+ ropbuilder.print_msg("Found %bld%grn#{gadgets.count}%clr gadgets total\n\n", color)
119
+ end
120
+
121
+ if opts[:import]
122
+
123
+ ropbuilder = Rex::RopBuilder::RopCollect.new()
124
+ ropbuilder.print_msg("Importing gadgets from %bld%cya#{opts[:import]}\n", color)
125
+ gadgets = ropbuilder.import(opts[:import])
126
+
127
+ gadgets.each do |gadget|
128
+ ropbuilder.print_msg("gadget: %bld%cya#{gadget[:address]}%clr\n", color)
129
+ ropbuilder.print_msg(gadget[:disasm] + "\n", color)
130
+ end
131
+
132
+ ropbuilder.print_msg("Imported %grn#{gadgets.count}%clr gadgets\n", color)
133
+ end
134
+
135
+ if opts[:pattern]
136
+ matches = ropbuilder.pattern_search(opts[:pattern])
137
+ if opts[:verbose]
138
+ ropbuilder.print_msg("Found %grn#{matches.count}%clr matches\n", color)
139
+ end
140
+ end
141
+
142
+ if opts[:export]
143
+ ropbuilder.print_msg("Exporting %grn#{gadgets.count}%clr gadgets to %bld%cya#{opts[:export]}%clr\n", color)
144
+ csv = ropbuilder.to_csv(gadgets)
145
+
146
+ if csv.nil?
147
+ exit(1)
148
+ end
149
+
150
+ begin
151
+ fd = File.new(opts[:export], 'w')
152
+ fd.puts csv
153
+ fd.close
154
+ rescue
155
+ puts "Error writing #{opts[:export]} file"
156
+ exit(1)
157
+ end
158
+ ropbuilder.print_msg("%bld%redSuccess!%clr gadgets exported to %bld%cya#{opts[:export]}%clr\n", color)
159
+ end
data/bin/setup ADDED
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env bash
2
+ set -euo pipefail
3
+ IFS=$'\n\t'
4
+ set -vx
5
+
6
+ bundle install
7
+
8
+ # Do any other automated setup that you need to do here
@@ -0,0 +1,9 @@
1
+ require "rex/rop_builder/version"
2
+ require 'rex/rop_builder/rop'
3
+ require 'metasm'
4
+
5
+ module Rex
6
+ module RopBuilder
7
+ # Your code goes here...
8
+ end
9
+ end
@@ -0,0 +1,275 @@
1
+ # -*- coding: binary -*-
2
+ require 'metasm'
3
+ require 'rex/compat'
4
+ require 'rex/text/table'
5
+ require 'rex/text/color'
6
+
7
+ module Rex
8
+ module RopBuilder
9
+
10
+ class RopBase
11
+ include Rex::Text::Color
12
+ def initialize()
13
+ @gadgets = []
14
+ end
15
+
16
+ def to_csv(gadgets = [])
17
+ if gadgets.empty? and @gadgets.nil? or @gadgets.empty?
18
+ print_error("No gadgets collected to convert to CSV format.")
19
+ return
20
+ end
21
+
22
+ # allow the users to import gadget collections from multiple files
23
+ if @gadgets.empty? or @gadgets.nil?
24
+ @gadgets = gadgets
25
+ end
26
+
27
+ table = Rex::Text::Table.new(
28
+ 'Header' => "#{@file} ROP Gadgets",
29
+ 'Indent' => 1,
30
+ 'Columns' =>
31
+ [
32
+ "Address",
33
+ "Raw",
34
+ "Disassembly",
35
+ ])
36
+
37
+ @gadgets.each do |gadget|
38
+ table << [gadget[:address], gadget[:raw].unpack('H*')[0], gadget[:disasm].gsub(/\n/, ' | ')]
39
+ end
40
+
41
+ return table.to_csv
42
+ end
43
+
44
+ def import(file)
45
+ begin
46
+ data = File.new(file, 'r').read
47
+ rescue
48
+ print_error("Error reading #{file}")
49
+ return []
50
+ end
51
+
52
+ if data.empty? or data.nil?
53
+ return []
54
+ end
55
+
56
+ data.gsub!(/\"/, '')
57
+ data.gsub!("Address,Raw,Disassembly\n", '')
58
+
59
+ @gadgets = []
60
+
61
+ data.each_line do |line|
62
+ addr, raw, disasm = line.split(',', 3)
63
+ if addr.nil? or raw.nil? or disasm.nil?
64
+ print_error("Import file format corrupted")
65
+ return []
66
+ end
67
+ disasm.gsub!(/: /, ":\t")
68
+ disasm.gsub!(' | ', "\n")
69
+ raw = [raw].pack('H*')
70
+ @gadgets << {:file => file, :address => addr, :raw => raw, :disasm => disasm.chomp!}
71
+ end
72
+ @gadgets
73
+ end
74
+
75
+ def supports_color?
76
+ true
77
+ end
78
+
79
+ def print_error(msg = '')
80
+ print_msg("%bld%red[-]%clr #{msg}")
81
+ end
82
+
83
+ def print_msg(msg, color=true)
84
+ if color
85
+ msg = substitute_colors(msg)
86
+ end
87
+ puts msg
88
+ end
89
+
90
+ def print_status(msg = '')
91
+ print_msg("%bld%blu[*]%clr #{msg}")
92
+ end
93
+ end
94
+
95
+ class RopCollect < RopBase
96
+ def initialize(file="")
97
+ @file = file if not file.empty?
98
+ @bin = Metasm::AutoExe.decode_file(file) if not file.empty?
99
+ @disassembler = @bin.disassembler if not @bin.nil?
100
+ if @disassembler
101
+ @disassembler.cpu = Metasm::Ia32.new('386_common')
102
+ end
103
+ super()
104
+ end
105
+
106
+ def collect(depth, pattern)
107
+ matches = []
108
+ gadgets = []
109
+
110
+ # find matches by scanning for the pattern
111
+ matches = @disassembler.pattern_scan(pattern)
112
+ if @bin.kind_of?(Metasm::PE)
113
+ @bin.sections.each do |section|
114
+ next if section.characteristics.include? 'MEM_EXECUTE'
115
+ # delete matches if the address is outside the virtual address space
116
+ matches.delete_if do |ea|
117
+ va = section.virtaddr + @bin.optheader.image_base
118
+ ea >= va and ea < va + section.virtsize
119
+ end
120
+ end
121
+ elsif @bin.kind_of?(Metasm::ELF)
122
+ @bin.segments.each do |seg|
123
+ next if seg.flags.include? 'X'
124
+ matches.delete_if do |ea|
125
+ ea >= seg.vaddr and ea < seg.vaddr + seg.memsz
126
+ end
127
+ end
128
+ elsif @bin.kind_of?(Metasm::MachO)
129
+ @bin.segments.each do |seg|
130
+ next if seg.initprot.include? 'EXECUTE'
131
+ matches.delete_if do |ea|
132
+ ea >= seg.virtaddr and ea < seg.virtaddr + seg.filesize
133
+ end
134
+ end
135
+ end
136
+
137
+ gadgets = process_gadgets(matches, depth)
138
+ gadgets.each do |gadget|
139
+ @gadgets << gadget
140
+ end
141
+ gadgets
142
+ end
143
+
144
+ def pattern_search(pattern)
145
+ p = Regexp.new("(" + pattern + ")")
146
+ matches = []
147
+
148
+ @gadgets.each do |gadget|
149
+ disasm = ""
150
+ addrs = []
151
+
152
+ gadget[:disasm].each_line do |line|
153
+ addr, asm = line.split("\t", 2)
154
+ addrs << addr
155
+ disasm << asm
156
+ end
157
+
158
+ if gadget[:raw] =~ p or gadget[:disasm] =~ p or disasm =~ p
159
+ matches << {:gadget => gadget, :disasm => disasm, :addrs => addrs}
160
+ end
161
+ end
162
+ matches.each do |match|
163
+ print_status("gadget with address: %bld%cya#{match[:gadget][:address]}%clr matched")
164
+ color_pattern(match[:gadget], match[:disasm], match[:addrs], p)
165
+ end
166
+ matches
167
+ end
168
+
169
+ def color_pattern(gadget, disasm, addrs, p)
170
+ idx = disasm.index(p)
171
+ if idx.nil?
172
+ print_msg(gadget[:disasm])
173
+ return
174
+ end
175
+
176
+ disasm = disasm.insert(idx, "%bld%grn")
177
+
178
+ asm = ""
179
+ cnt = 0
180
+ colors = false
181
+ disasm.each_line do |line|
182
+ # if we find this then we are in the matching area
183
+ if line.index(/\%bld\%grn/)
184
+ colors = true
185
+ end
186
+ asm << "%clr" + addrs[cnt] + "\t"
187
+
188
+ # color the remaining parts of the gadget
189
+ if colors and line.index("%bld%grn").nil?
190
+ asm << "%bld%grn" + line
191
+ else
192
+ asm << line
193
+ end
194
+
195
+ cnt += 1
196
+ end
197
+ asm << "%clr\n"
198
+ print_msg(asm)
199
+ end
200
+
201
+ def process_gadgets(rets, num)
202
+ ret = {}
203
+ gadgets = []
204
+ tmp = []
205
+ rets.each do |ea|
206
+ insn = @disassembler.disassemble_instruction(ea)
207
+ next if not insn
208
+
209
+ xtra = insn.bin_length
210
+
211
+ num.downto(0) do |x|
212
+ addr = ea - x
213
+
214
+ # get the disassembled instruction at this address
215
+ di = @disassembler.disassemble_instruction(addr)
216
+
217
+ # skip invalid instructions
218
+ next if not di
219
+ next if di.opcode.props[:setip]
220
+ next if di.opcode.props[:stopexec]
221
+
222
+ # get raw bytes
223
+ buf = @disassembler.read_raw_data(addr, x + xtra)
224
+
225
+
226
+ # make sure disassembling forward leads to our instruction
227
+ next if not ends_with_addr(buf, addr, ea)
228
+
229
+ dasm = ""
230
+ while addr <= ea
231
+ di = @disassembler.disassemble_instruction(addr)
232
+ dasm << ("0x%08x:\t" % addr) + di.instruction.to_s + "\n"
233
+ addr = addr + di.bin_length
234
+ end
235
+
236
+ if not tmp.include?(ea)
237
+ tmp << ea
238
+ else
239
+ next
240
+ end
241
+
242
+ # otherwise, we create a new tailchunk and add it to the list
243
+ ret = {:file => @file, :address => ("0x%08x" % (ea - x)), :raw => buf, :disasm => dasm}
244
+ gadgets << ret
245
+ end
246
+ end
247
+ gadgets
248
+ end
249
+
250
+ private
251
+ def ends_with_addr(raw, base, addr)
252
+ dasm2 = Metasm::Shellcode.decode(raw, @disassembler.cpu).disassembler
253
+ offset = 0
254
+ while ((di = dasm2.disassemble_instruction(offset)))
255
+ return true if (base + offset) == addr
256
+ return false if di.opcode.props[:setip]
257
+ return false if di.opcode.props[:stopexec]
258
+ offset = di.next_addr
259
+ end
260
+ false
261
+ end
262
+
263
+ def raw_instructions(raw)
264
+ insns = []
265
+ d2 = Metasm::Shellcode.decode(raw, @disassembler.cpu).disassembler
266
+ addr = 0
267
+ while ((di = d2.disassemble_instruction(addr)))
268
+ insns << di.instruction
269
+ addr = di.next_addr
270
+ end
271
+ insns
272
+ end
273
+ end
274
+ end
275
+ end
@@ -0,0 +1,5 @@
1
+ module Rex
2
+ module RopBuilder
3
+ VERSION = "0.1.0"
4
+ end
5
+ end
@@ -0,0 +1,29 @@
1
+ # coding: utf-8
2
+ lib = File.expand_path('../lib', __FILE__)
3
+ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
+ require 'rex/rop_builder/version'
5
+
6
+ Gem::Specification.new do |spec|
7
+ spec.name = "rex-rop_builder"
8
+ spec.version = Rex::RopBuilder::VERSION
9
+ spec.authors = ["David Maloney"]
10
+ spec.email = ["DMaloney@rapid7.com"]
11
+
12
+ spec.summary = %q{Ruby Exploitation(Rex) Library for building ROP chains.}
13
+ spec.homepage = "https://github.com/rapid7/rex-rop_builder"
14
+
15
+
16
+
17
+ spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
18
+ spec.bindir = "bin"
19
+ spec.executables = ["msfrop"]
20
+ spec.require_paths = ["lib"]
21
+
22
+ spec.add_development_dependency "bundler", "~> 1.12"
23
+ spec.add_development_dependency "rake", "~> 10.0"
24
+ spec.add_development_dependency "rspec", "~> 3.0"
25
+
26
+ spec.add_runtime_dependency "metasm"
27
+ spec.add_runtime_dependency "rex-core"
28
+ spec.add_runtime_dependency "rex-text"
29
+ end
metadata ADDED
@@ -0,0 +1,219 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: rex-rop_builder
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - David Maloney
8
+ autorequire:
9
+ bindir: bin
10
+ cert_chain:
11
+ - |
12
+ -----BEGIN CERTIFICATE-----
13
+ MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
14
+ A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
15
+ b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAw
16
+ MDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
17
+ YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT
18
+ aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ
19
+ jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp
20
+ xy0Sy6scTHAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp
21
+ 1Wrjsok6Vjk4bwY8iGlbKk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdG
22
+ snUOhugZitVtbNV4FpWi6cgKOOvyJBNPc1STE4U6G7weNLWLBYy5d4ux2x8gkasJ
23
+ U26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrXgzT/LCrBbBlDSgeF59N8
24
+ 9iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
25
+ BTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0B
26
+ AQUFAAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOz
27
+ yj1hTdNGCbM+w6DjY1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE
28
+ 38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP
29
+ AbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhHhm4qxFYxldBniYUr+WymXUad
30
+ DKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveCX4XSQRjbgbME
31
+ HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A==
32
+ -----END CERTIFICATE-----
33
+ - |
34
+ -----BEGIN CERTIFICATE-----
35
+ MIIEKDCCAxCgAwIBAgILBAAAAAABL07hNVwwDQYJKoZIhvcNAQEFBQAwVzELMAkG
36
+ A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
37
+ b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xMTA0MTMxMDAw
38
+ MDBaFw0xOTA0MTMxMDAwMDBaMFExCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
39
+ YWxTaWduIG52LXNhMScwJQYDVQQDEx5HbG9iYWxTaWduIENvZGVTaWduaW5nIENB
40
+ IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyTxTnEL7XJnKr
41
+ NpfvU79ChF5Y0Yoo/ENGb34oRFALdV0A1zwKRJ4gaqT3RUo3YKNuPxL6bfq2RsNq
42
+ o7gMJygCVyjRUPdhOVW4w+ElhlI8vwUd17Oa+JokMUnVoqni05GrPjxz7/Yp8cg1
43
+ 0DB7f06SpQaPh+LO9cFjZqwYaSrBXrta6G6V/zuAYp2Zx8cvZtX9YhqCVVrG+kB3
44
+ jskwPBvw8jW4bFmc/enWyrRAHvcEytFnqXTjpQhU2YM1O46MIwx1tt6GSp4aPgpQ
45
+ STic0qiQv5j6yIwrJxF+KvvO3qmuOJMi+qbs+1xhdsNE1swMfi9tBoCidEC7tx/0
46
+ O9dzVB/zAgMBAAGjgfowgfcwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYB
47
+ Af8CAQAwHQYDVR0OBBYEFAhu2Lacir/tPtfDdF3MgB+oL1B6MEcGA1UdIARAMD4w
48
+ PAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNv
49
+ bS9yZXBvc2l0b3J5LzAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmdsb2Jh
50
+ bHNpZ24ubmV0L3Jvb3QuY3JsMBMGA1UdJQQMMAoGCCsGAQUFBwMDMB8GA1UdIwQY
51
+ MBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMA0GCSqGSIb3DQEBBQUAA4IBAQAiXMXd
52
+ PfQLcNjj9efFjgkBu7GWNlxaB63HqERJUSV6rg2kGTuSnM+5Qia7O2yX58fOEW1o
53
+ kdqNbfFTTVQ4jGHzyIJ2ab6BMgsxw2zJniAKWC/wSP5+SAeq10NYlHNUBDGpeA07
54
+ jLBwwT1+170vKsPi9Y8MkNxrpci+aF5dbfh40r5JlR4VeAiR+zTIvoStvODG3Rjb
55
+ 88rwe8IUPBi4A7qVPiEeP2Bpen9qA56NSvnwKCwwhF7sJnJCsW3LZMMSjNaES2dB
56
+ fLEDF3gJ462otpYtpH6AA0+I98FrWkYVzSwZi9hwnOUtSYhgcqikGVJwQ17a1kYD
57
+ sGgOJO9K9gslJO8k
58
+ -----END CERTIFICATE-----
59
+ - |
60
+ -----BEGIN CERTIFICATE-----
61
+ MIIEyjCCA7KgAwIBAgISESEyE8rNriS4+1dc8jOHEUL8MA0GCSqGSIb3DQEBBQUA
62
+ MFExCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMScwJQYD
63
+ VQQDEx5HbG9iYWxTaWduIENvZGVTaWduaW5nIENBIC0gRzIwHhcNMTMxMDExMTUx
64
+ NTM4WhcNMTYxMDExMTUxNTM4WjBgMQswCQYDVQQGEwJVUzEWMBQGA1UECBMNTWFz
65
+ c2FjaHVzZXR0czEPMA0GA1UEBxMGQm9zdG9uMRMwEQYDVQQKEwpSYXBpZDcgTExD
66
+ MRMwEQYDVQQDEwpSYXBpZDcgTExDMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
67
+ CgKCAQEAhD//7+739c69hssg0mD6CXgf2JkuWTcU81dgD7aKcoEPqU8e1FseBvDW
68
+ /Q5fNK2H2NgHV/Msn18zXuK0PkaJXqj/vDsuKB3Hq0BiR2AwyDdEw8K5MK5bgQc2
69
+ tmcVtEAejRoy1Uv5UyfaAYAxG6zsma3buV1fjnEAC3VouRg4+EX/f65H/a6srntK
70
+ 5Etp3D71k2f0oUl8dOqOmSsRJQQ5zSs4ktDvpjAmsvzoA+1svceLYU95mvQsIw2T
71
+ edpmibGMwGw/HmgV+YWBgF5UGvax6zbC2i6DF2YHnDfkNb8/1MEIaxOTAbJTazTK
72
+ 8laCQOyay6L1BNPQKjZBgOge8LZq1wIDAQABo4IBizCCAYcwDgYDVR0PAQH/BAQD
73
+ AgeAMEwGA1UdIARFMEMwQQYJKwYBBAGgMgEyMDQwMgYIKwYBBQUHAgEWJmh0dHBz
74
+ Oi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAkGA1UdEwQCMAAwEwYD
75
+ VR0lBAwwCgYIKwYBBQUHAwMwPgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2NybC5n
76
+ bG9iYWxzaWduLmNvbS9ncy9nc2NvZGVzaWduZzIuY3JsMIGGBggrBgEFBQcBAQR6
77
+ MHgwQAYIKwYBBQUHMAKGNGh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2Fj
78
+ ZXJ0L2dzY29kZXNpZ25nMi5jcnQwNAYIKwYBBQUHMAGGKGh0dHA6Ly9vY3NwMi5n
79
+ bG9iYWxzaWduLmNvbS9nc2NvZGVzaWduZzIwHQYDVR0OBBYEFE536JwFx9SpaEi3
80
+ w8pcq2GRFA5BMB8GA1UdIwQYMBaAFAhu2Lacir/tPtfDdF3MgB+oL1B6MA0GCSqG
81
+ SIb3DQEBBQUAA4IBAQAGpGXHtFLjTTivV+xQPwtZhfPuJ7f+VGTMSAAYWmfzyHXM
82
+ YMFYUWJzSFcuVR2YfxtbS45P7U5Qopd7jBQ0Ygk5h2a+B5nE4+UlhHj665d0zpYM
83
+ 1eWndMaO6WBOYnqtNyi8Dqqc1foKZDNHEDggYhGso7OIBunup+N4sPL9PwQ3eYe6
84
+ mUu8z0E4GXYViaMPOFkqaYnoYgf2L+7L5zKYT4h/NE/P7kj7EbduHgy/v/aAIrNl
85
+ 2SpuQH+SWteq3NXkAmFEEqvLJQ4sbptZt8OP8ghL3pVAvZNFmww/YVszSkShSzcg
86
+ QdihYCSEL2drS2cFd50jBeq71sxUtxbv82DUa2b+
87
+ -----END CERTIFICATE-----
88
+ date: 2016-09-12 00:00:00.000000000 Z
89
+ dependencies:
90
+ - !ruby/object:Gem::Dependency
91
+ name: bundler
92
+ requirement: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - "~>"
95
+ - !ruby/object:Gem::Version
96
+ version: '1.12'
97
+ type: :development
98
+ prerelease: false
99
+ version_requirements: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - "~>"
102
+ - !ruby/object:Gem::Version
103
+ version: '1.12'
104
+ - !ruby/object:Gem::Dependency
105
+ name: rake
106
+ requirement: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - "~>"
109
+ - !ruby/object:Gem::Version
110
+ version: '10.0'
111
+ type: :development
112
+ prerelease: false
113
+ version_requirements: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - "~>"
116
+ - !ruby/object:Gem::Version
117
+ version: '10.0'
118
+ - !ruby/object:Gem::Dependency
119
+ name: rspec
120
+ requirement: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - "~>"
123
+ - !ruby/object:Gem::Version
124
+ version: '3.0'
125
+ type: :development
126
+ prerelease: false
127
+ version_requirements: !ruby/object:Gem::Requirement
128
+ requirements:
129
+ - - "~>"
130
+ - !ruby/object:Gem::Version
131
+ version: '3.0'
132
+ - !ruby/object:Gem::Dependency
133
+ name: metasm
134
+ requirement: !ruby/object:Gem::Requirement
135
+ requirements:
136
+ - - ">="
137
+ - !ruby/object:Gem::Version
138
+ version: '0'
139
+ type: :runtime
140
+ prerelease: false
141
+ version_requirements: !ruby/object:Gem::Requirement
142
+ requirements:
143
+ - - ">="
144
+ - !ruby/object:Gem::Version
145
+ version: '0'
146
+ - !ruby/object:Gem::Dependency
147
+ name: rex-core
148
+ requirement: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - ">="
151
+ - !ruby/object:Gem::Version
152
+ version: '0'
153
+ type: :runtime
154
+ prerelease: false
155
+ version_requirements: !ruby/object:Gem::Requirement
156
+ requirements:
157
+ - - ">="
158
+ - !ruby/object:Gem::Version
159
+ version: '0'
160
+ - !ruby/object:Gem::Dependency
161
+ name: rex-text
162
+ requirement: !ruby/object:Gem::Requirement
163
+ requirements:
164
+ - - ">="
165
+ - !ruby/object:Gem::Version
166
+ version: '0'
167
+ type: :runtime
168
+ prerelease: false
169
+ version_requirements: !ruby/object:Gem::Requirement
170
+ requirements:
171
+ - - ">="
172
+ - !ruby/object:Gem::Version
173
+ version: '0'
174
+ description:
175
+ email:
176
+ - DMaloney@rapid7.com
177
+ executables:
178
+ - msfrop
179
+ extensions: []
180
+ extra_rdoc_files: []
181
+ files:
182
+ - ".gitignore"
183
+ - ".rspec"
184
+ - ".travis.yml"
185
+ - CODE_OF_CONDUCT.md
186
+ - Gemfile
187
+ - README.md
188
+ - Rakefile
189
+ - bin/console
190
+ - bin/msfrop
191
+ - bin/setup
192
+ - lib/rex/rop_builder.rb
193
+ - lib/rex/rop_builder/rop.rb
194
+ - lib/rex/rop_builder/version.rb
195
+ - rex-rop_builder.gemspec
196
+ homepage: https://github.com/rapid7/rex-rop_builder
197
+ licenses: []
198
+ metadata: {}
199
+ post_install_message:
200
+ rdoc_options: []
201
+ require_paths:
202
+ - lib
203
+ required_ruby_version: !ruby/object:Gem::Requirement
204
+ requirements:
205
+ - - ">="
206
+ - !ruby/object:Gem::Version
207
+ version: '0'
208
+ required_rubygems_version: !ruby/object:Gem::Requirement
209
+ requirements:
210
+ - - ">="
211
+ - !ruby/object:Gem::Version
212
+ version: '0'
213
+ requirements: []
214
+ rubyforge_project:
215
+ rubygems_version: 2.4.8
216
+ signing_key:
217
+ specification_version: 4
218
+ summary: Ruby Exploitation(Rex) Library for building ROP chains.
219
+ test_files: []
metadata.gz.sig ADDED
@@ -0,0 +1 @@
1
+ 3��l�����xj��ၳ�\;�L�V����8<Z�4�Ï� s�Jzi]��|k�{켭�s�ӈ``�P�`�� H��C�Tg��q@?̎�ޓG�&�K�e]�@�^��u���\J6ӯ���4�a�;�k7'/0�-c7K��v�T�*ÎR�N��7Z�h$v=5$_��n���t���P]%�kN���k��a��I.W$ț�ϑ�