#ifndef ROPGEN_H
# define ROPGEN_H
#include "ROPHelper.h"
#include <iostream>
#include <bitset>
#include <climits>
// Declares ROPGen, a class derived from ROPHelper that keeps a byte payload
// buffer plus bookkeeping counters and exposes helpers to append to the chain
// and to print it. Only declarations are visible in this header; definitions
// and the ROPHelper base live elsewhere, so anything below that rests on a
// member's name alone is marked as an assumption.
//
// NOTE(review): uint, BYTE, TRUE, DEFAULT_ADDED_BYTES and ADDR_SIZE are not
// declared in this header - presumably they come from ROPHelper.h; confirm.
//
// NOTE(review): the class holds raw BYTE* members and declares a destructor,
// but declares no copy constructor or copy assignment. If the destructor
// releases _payload (not visible here - confirm), copying a ROPGen would
// leave two objects releasing the same buffer. Consider deleting the copy
// operations or holding the buffer in an owning container.
class ROPGen : public ROPHelper {
private:
// Raw pointers: neither ownership nor buffer length is expressed in the type.
// presumably _payload is the chain buffer and the other two point into it - TODO confirm
BYTE* _payload;
BYTE* _pcOffset;
BYTE* _initialPC;
// Set from the constructor's cookieValue argument, judging by the name - confirm in the definition.
uint _cookieValue;
uint _slideSP;
// presumably the upper bound on the payload size in bytes; see setChainMaxSize()/getMaxROPSize() - confirm
uint _maxROPSize;
uint _gadgetCount;
uint _pcLoc;
// BYTE used as a flag; presumably read by areZerosAllowed() and set by allowsZeros() - confirm
BYTE _allowsZeros;
protected:
// Visible to derived classes, unlike the private state above.
uint _slideValue;
// NOTE(review): no leading underscore, unlike every other data member in this class.
BYTE thumbMode;
public:
// Constructs a generator from a cookie value, a slide value, a file name and
// a maximum size. How fileName is opened or validated is not visible here.
ROPGen(uint cookieValue, uint slideValue,
const char* fileName, uint maxSize);
// Virtual so that derived generators can be destroyed through a ROPGen pointer.
virtual ~ROPGen();
// Output helpers; the suffixes suggest hex, base64, base-2 and raw binary
// encodings of the chain - confirm against the definitions.
void printChainHex();
void printChainB64();
void printChainB2();
void printChainBinary();
void printStats();
// Returns a BYTE status; the meaning of each value is not visible here.
// presumably related to _allowsZeros (zero bytes in the payload) - TODO confirm
BYTE verifyPayload();
protected:
// Building blocks intended for derived classes.
// NOTE(review): the signature carries no bound for pos; the definition should
// reject positions that would write outside the payload buffer - confirm.
void writeValue(uint value, uint pos);
void setPClocation(uint pos);
// Getter/setter pair by name: areZerosAllowed() returns a BYTE, allowsZeros()
// returns nothing and presumably sets the flag - confirm.
BYTE areZerosAllowed();
void setChainMaxSize(uint size);
void allowsZeros();
void addGadget(uint gadgetAddr);
// debug defaults to TRUE; what it toggles is not visible here.
void addSymbol(uint funcAddr, BYTE debug = TRUE);
// All three arguments are defaulted: value = DEFAULT_ADDED_BYTES,
// nb_bytes = ADDR_SIZE, debug = TRUE.
// NOTE(review): nb_bytes is caller-controlled; the definition should check it
// against the space left in the buffer - confirm.
void addBytes(uint value = DEFAULT_ADDED_BYTES,
uint nb_bytes = ADDR_SIZE,
BYTE debug = TRUE);
// Accessors. None is declared const, so they cannot be called on a const ROPGen.
uint getNewSP();
uint getSlideValue();
uint getPCLoc();
// Return raw, mutable pointers with no accompanying length; callers can write
// through them and must obtain the valid size separately.
BYTE* getPayload();
BYTE* getInitialPC();
uint getMaxROPSize();
};
#endif // ROPGEN_H