The tool needs to be compatible with Linux and Windows x86 architecture. Both 32 and 64 bit registers.
Basically a more up to date version of the one attached.
Just need it to read the Elf and PE to search for pop pop ret instructions and show their location on the CMD.
Draco A.100% (1)
Create an account now and send a proposal now to get this project.Sign up
Clarification Board Ask a Question
Thanks for the invite!
I would need you to clarify some things, before I bid.
Could you please specify what your budget is for this project?
Also, does the script need to search for gadgets other than pop pop ret?
This script searches a memory dump? Could you provide an example dump?
Matthias K.Draco A.19 Apr 2018
Thank you for enquiring. It only need to search for POP POP RET instructions really and display them with corresponding address.
Really it just needs to search the stack memory using capstone. It's my understanding now that it doesn't require a dump.
I do have test binaries for all systems i need it top work on. They are Linux and Windows x86 architecture 32 and 64 bits. ELF, ARM, PE.
Budget wise i been quoted £100 for it to be done in C. I'm open to it being made in python.Matthias K.19 Apr 2018
Hi! Could you upload some of this test-binaries, so I can check?
My problem right now is that you're telling me I should look for instructions on the stack, but there shouldn't be any instructions on the stack. Actually the stack should be non-executable on any modern system.
W.R.T. binary formats: Errm, I hope you miswrote that you have ARM binaries. PE and ELF binaries should be easily doable.
W.R.T. capstone: It's probably a bit of an overkill to use capstone here, this could be probably done by hand.
W.R.T. budget: Well I would have to quote you higher here, as your project is something that requires specialized knowledge.
There is no attachment.
John RDraco A.19 Apr 2018
Thank you for telling me, I'll try and fix it.
But in the mean time the tool I need is very similar to many other on github. If you go on github and look for RopGadget, Ropstone, Ropper, Ropeme, Rop++, Rop-Tool.
Please note some of these are very elaborate and full of features, I only need the search function with the pop pop ret register instructions printed on screen next to their corresponding memory locations.