Skip to content

Fails to catch __libc_csu_init gadgets #103

New issue
New issue
Open
Open
Fails to catch __libc_csu_init gadgets#103
@zachriggle

Description

@zachriggle
zachriggle
opened on Jan 29, 2017

ROPgadget always seems to miss this sequence:

.text:00000000004005E6 48 8B 5C 24 08     mov     rbx, [rsp+8]
.text:00000000004005EB 48 8B 6C 24 10     mov     rbp, [rsp+10h]
.text:00000000004005F0 4C 8B 64 24 18     mov     r12, [rsp+18h]
.text:00000000004005F5 4C 8B 6C 24 20     mov     r13, [rsp+20h]
.text:00000000004005FA 4C 8B 74 24 28     mov     r14, [rsp+28h]
.text:00000000004005FF 4C 8B 7C 24 30     mov     r15, [rsp+30h]
.text:0000000000400604 48 83 C4 38        add     rsp, 38h
.text:0000000000400608 C3                 retn
.text:0000000000400608                __libc_csu_init endp

$ ROPgadget --binary unexploitable | grep 38
0x0000000000400605 : add esp, 0x38 ; ret
0x0000000000400604 : add rsp, 0x38 ; ret
0x0000000000400602 : and al, 0x30 ; add rsp, 0x38 ; ret
0x0000000000400600 : mov edi, dword ptr [rsp + 0x30] ; add rsp, 0x38 ; ret
0x00000000004005ff : mov r15, qword ptr [rsp + 0x30] ; add rsp, 0x38 ; ret
0x0000000000400538 : pop rbp ; mov edi, 0x600e48 ; jmp rax

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions