Provided by: python3-ropgadget_7.5+dfsg-1_all
NAME
ROPgadget - search executables for exploitable ROP gadgets
SYNOPSIS
ROPgadget [--binary FILE] [options]
DESCRIPTION
ROPGadget is a tool for security research and vulnerability exploitation. It lets you search binaries for sequences of useful machine code instructions followed by a return statement ("gadgets"). If an exploit can manipulate the callstack to point to a sequence of gadgets, the return statements will redirect the program flow to execute the sequence ("return oriented programming"). By reusing existing code out of context, an attacker can potentially circumvent security measures which prevent the execution of injected code. ROPgadget supports ELF/PE/Mach-O format on x86, x64, ARM, PowerPC, SPARC and MIPS architectures. The following options are available: --binary FILE specify the executable to be analyzed --opcode OPCODES Search for particular opcodes in executable sections --string STRING Search for a particular string in readable sections --memstr STRING Search for each byte in readable sections --depth DEPTH Limit search depth for internal engine (default: 10) --only KEY Only show specific instructions --filter KEY Suppress specific instructions --range START-END Limit search to address range between START and END. --badbytes BYTES Reject specific bytes in the address of a gadget --rawArch ARCH Specify architecture for raw binaries --rawMode MODE Specify mode for raw binaries --re EXPR Search for gadgets using the regular expression EXPR. --offsetOFFSET Add an offset to all gadget addresses --ropchain Enable ROP chain generation --thumb Use thumb mode for ARM architecture binaries --console Enable the interactive console for the search engine --norop Disable ROP search engine --nojop Disable JOP search engine --nosys Disable SYS search engine --multibr Enable multiple branch gadgets --all Show all gadgets, even duplicates --dump Output the gadget bytes
AUTHOR
This manual page was written for Debian by Timo Röhling and may be used without restriction. ROPGADGET(1)