owl 0.0.3

ROP-gadget finder in Rust
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129

use error::*;
use falcon_capstone::capstone;
use gadget::*;
use util::find;

/// A ROP-gadget finder for the MIPS (Big-Endian) architecture.
#[derive(Clone, Debug)]
pub struct Mips {}

/// A ROP-gadget finder for the MIPSEL (Little-Endian) architecture.
#[derive(Clone, Debug)]
pub struct Mipsel {}


impl Mips {
    /// Create a new Mips ROP-Gadget finder.
    pub fn new() -> Mips {
        Mips {}
    }

    /// Find ROP-Gadgets in MIPS code.
    pub fn find(&self, address: u64, bytes: &[u8], depth: usize) -> Result<Vec<Gadget>> {
        find(address,
             bytes,
             depth,
             4,
             capstone::cs_arch::CS_ARCH_MIPS,
             capstone::CS_MODE_32 | capstone::CS_MODE_BIG_ENDIAN,
             RET_INSTRUCTIONS,
             VALID_INSTRUCTIONS,
             4)
    }
}


impl ::GadgetFinder for Mips {
    fn find(&self, address: u64, bytes: &[u8], depth: usize) -> Result<Vec<Gadget>> {
        self.find(address, bytes, depth)
    }
}


impl Mipsel {
    /// Create a new Mipsel ROP-Gadget finder.
    pub fn new() -> Mipsel {
        Mipsel {}
    }

    /// Find ROP-Gadgets in Mipsel code.
    pub fn find(&self, address: u64, bytes: &[u8], depth: usize) -> Result<Vec<Gadget>> {
        find(address,
             bytes,
             depth,
             4,
             capstone::cs_arch::CS_ARCH_MIPS,
             capstone::CS_MODE_32 | capstone::CS_MODE_LITTLE_ENDIAN,
             RET_INSTRUCTIONS,
             VALID_INSTRUCTIONS,
             4)
    }
}


impl ::GadgetFinder for Mipsel {
    fn find(&self, address: u64, bytes: &[u8], depth: usize) -> Result<Vec<Gadget>> {
        self.find(address, bytes, depth)
    }
}


static VALID_INSTRUCTIONS: &[capstone::InstrIdArch] = &[
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_ADD),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_ADDI),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_ADDIU),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_ADDU),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_AND),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_ANDI),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_CLO),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_CLZ),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_DIV),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_DIVU),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_LB),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_LBU),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_LH),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_LHU),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_LUI),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_LW),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_MADD),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_MADDU),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_MFHI),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_MFLO),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_MOVE),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_MOVN),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_MOVZ),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_MSUB),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_MSUBU),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_MTHI),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_MTLO),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_MUL),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_MULT),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_MULTU),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_NEGU),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_NOP),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_NOR),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_OR),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_ORI),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SB),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SH),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SLL),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SLLV),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SLT),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SLTI),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SLTIU),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SLTU),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SRA),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SRAV),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SRL),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SRLV),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SUB),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SUBU),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_SW),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_XOR),
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_XORI),
];


static RET_INSTRUCTIONS: &[capstone::InstrIdArch] = &[
    capstone::InstrIdArch::MIPS(capstone::mips_insn::MIPS_INS_JR)
];