Add 2.29, 2.30, and 2.31 builds (#118)

builds_list

@@ -722,15 +722,21 @@ libc-2.28-44f5a3efb0e5733fa9d97e690cb36cd4c682bcdb
 libc-2.28-5784a31a1c26f6d2157e585205ebb63dd19ff90f
 libc-2.28-5b157f49586a3ca84d55837f97ff466767dd3445
 libc-2.28-6ee9454b96efa9e343f9e8105f2fa4529265ea05
+libc-2.29-2195ff86b0ddead43a7c08f46b95b0887cdb96fa
+libc-2.29-6d8abbab5b004d65bfdf909fd4982103499cd1c9
 libc-2.29-85d5020664b11fd2708859275de41d5ab9d104cf
 libc-2.29-9a1100ebab15d22bbc31836b0656d2fa5a6a1252
 libc-2.29-d389232dd725501db38f08e2aca0b44ab3af314f
 libc-2.29-d561ec515222887a1e004555981169199d841024
 libc-2.30-00854a16b9b4b73893627ccb730d97907837e320
+libc-2.30-135c0b4a030ec9b6306ed6b621e1e0dedfd614a3
 libc-2.30-2155f455ad56bd871c8225bcca85ee25c1c197c4
+libc-2.30-3f72ae987c135c35f2e721c61991ec46df8816ab
+libc-2.30-4ab6143b59defc12c3d50d176c78b4e6e5a2c179
 libc-2.30-75e3e2d9596aae251330ae7ef3f91a847fc62641
 libc-2.30-93abe093a13b9b10f83b5e6de4a63a0d29175c89
 libc-2.30-c60a7605ae87b9b40426e3123b12a91bfe2036f3
 libc-2.30-cd779a06a5df37cdad8dfcfa12cb2c8db36f62f4
 libc-2.30-dc43d2c2d727158000c9bef6d47e17722d41ec2d
 libc-2.30-f07144cc3d0ac50415f3a2e061be6da672c914ba
+libc-2.31-b61d34c10e608722a90d339bd9a7ff28b18cd501

lib/one_gadget/builds/libc-2.29-2195ff86b0ddead43a7c08f46b95b0887cdb96fa.rb

@@ -0,0 +1,32 @@
+require 'one_gadget/gadget'
+# https://gitlab.com/david942j/libcdb/blob/master/libc/libc6-amd64-2.29-9/lib64/libc-2.29.so
+# 
+# Advanced Micro Devices X86-64
+# 
+# GNU C Library (Debian GLIBC 2.29-9) stable release version 2.29.
+# Copyright (C) 2019 Free Software Foundation, Inc.
+# This is free software; see the source for copying conditions.
+# There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+# Compiled by GNU CC version 9.2.1 20200104.
+# libc ABIs: UNIQUE IFUNC ABSOLUTE
+# For bug reporting instructions, please see:
+# <http://www.debian.org/Bugs/>.
+
+build_id = File.basename(__FILE__, '.rb').split('-').last
+OneGadget::Gadget.add(build_id, 820442,
+                      constraints: ["[r12] == NULL || r12 == NULL", "[r13] == NULL || r13 == NULL"],
+                      effect: "execve(\"/bin/sh\", r12, r13)")
+OneGadget::Gadget.add(build_id, 820445,
+                      constraints: ["[r12] == NULL || r12 == NULL", "[rdx] == NULL || rdx == NULL"],
+                      effect: "execve(\"/bin/sh\", r12, rdx)")
+OneGadget::Gadget.add(build_id, 820448,
+                      constraints: ["[rsi] == NULL || rsi == NULL", "[rdx] == NULL || rdx == NULL"],
+                      effect: "execve(\"/bin/sh\", rsi, rdx)")
+OneGadget::Gadget.add(build_id, 943691,
+                      constraints: ["[rsp+0x60] == NULL"],
+                      effect: "execve(\"/bin/sh\", rsp+0x60, environ)")
+OneGadget::Gadget.add(build_id, 943703,
+                      constraints: ["[rsi] == NULL || rsi == NULL", "[[rax]] == NULL || [rax] == NULL"],
+                      effect: "execve(\"/bin/sh\", rsi, [rax])")
+

lib/one_gadget/builds/libc-2.29-6d8abbab5b004d65bfdf909fd4982103499cd1c9.rb

@@ -0,0 +1,23 @@
+require 'one_gadget/gadget'
+# https://gitlab.com/david942j/libcdb/blob/master/libc/libc6-i386-2.29-9/lib32/libc-2.29.so
+# 
+# Intel 80386
+# 
+# GNU C Library (Debian GLIBC 2.29-9) stable release version 2.29.
+# Copyright (C) 2019 Free Software Foundation, Inc.
+# This is free software; see the source for copying conditions.
+# There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+# Compiled by GNU CC version 9.2.1 20200104.
+# libc ABIs: UNIQUE IFUNC ABSOLUTE
+# For bug reporting instructions, please see:
+# <http://www.debian.org/Bugs/>.
+
+build_id = File.basename(__FILE__, '.rb').split('-').last
+OneGadget::Gadget.add(build_id, 1282154,
+                      constraints: ["esi is the GOT address of libc", "eax == NULL"],
+                      effect: "execl(\"/bin/sh\", eax)")
+OneGadget::Gadget.add(build_id, 1282155,
+                      constraints: ["esi is the GOT address of libc", "[esp] == NULL"],
+                      effect: "execl(\"/bin/sh\", [esp])")
+

lib/one_gadget/builds/libc-2.30-135c0b4a030ec9b6306ed6b621e1e0dedfd614a3.rb

@@ -0,0 +1,23 @@
+require 'one_gadget/gadget'
+# https://gitlab.com/david942j/libcdb/blob/master/libc/libc6-i386-2.30-7/lib32/libc-2.30.so
+# 
+# Intel 80386
+# 
+# GNU C Library (Debian GLIBC 2.30-7) stable release version 2.30.
+# Copyright (C) 2019 Free Software Foundation, Inc.
+# This is free software; see the source for copying conditions.
+# There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+# Compiled by GNU CC version 9.3.0.
+# libc ABIs: UNIQUE IFUNC ABSOLUTE
+# For bug reporting instructions, please see:
+# <http://www.debian.org/Bugs/>.
+
+build_id = File.basename(__FILE__, '.rb').split('-').last
+OneGadget::Gadget.add(build_id, 1307451,
+                      constraints: ["ebp is the GOT address of libc", "eax == NULL"],
+                      effect: "execl(\"/bin/sh\", eax)")
+OneGadget::Gadget.add(build_id, 1307452,
+                      constraints: ["ebp is the GOT address of libc", "[esp] == NULL"],
+                      effect: "execl(\"/bin/sh\", [esp])")
+

lib/one_gadget/builds/libc-2.30-3f72ae987c135c35f2e721c61991ec46df8816ab.rb

@@ -0,0 +1,32 @@
+require 'one_gadget/gadget'
+# https://gitlab.com/david942j/libcdb/blob/master/libc/libc6-amd64-2.30-4/lib64/libc-2.30.so
+# 
+# Advanced Micro Devices X86-64
+# 
+# GNU C Library (Debian GLIBC 2.30-4) stable release version 2.30.
+# Copyright (C) 2019 Free Software Foundation, Inc.
+# This is free software; see the source for copying conditions.
+# There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+# Compiled by GNU CC version 9.3.0.
+# libc ABIs: UNIQUE IFUNC ABSOLUTE
+# For bug reporting instructions, please see:
+# <http://www.debian.org/Bugs/>.
+
+build_id = File.basename(__FILE__, '.rb').split('-').last
+OneGadget::Gadget.add(build_id, 833434,
+                      constraints: ["[r12] == NULL || r12 == NULL", "[r13] == NULL || r13 == NULL"],
+                      effect: "execve(\"/bin/sh\", r12, r13)")
+OneGadget::Gadget.add(build_id, 833437,
+                      constraints: ["[r12] == NULL || r12 == NULL", "[rdx] == NULL || rdx == NULL"],
+                      effect: "execve(\"/bin/sh\", r12, rdx)")
+OneGadget::Gadget.add(build_id, 833440,
+                      constraints: ["[rsi] == NULL || rsi == NULL", "[rdx] == NULL || rdx == NULL"],
+                      effect: "execve(\"/bin/sh\", rsi, rdx)")
+OneGadget::Gadget.add(build_id, 954987,
+                      constraints: ["[rsp+0x60] == NULL"],
+                      effect: "execve(\"/bin/sh\", rsp+0x60, environ)")
+OneGadget::Gadget.add(build_id, 954999,
+                      constraints: ["[rsi] == NULL || rsi == NULL", "[[rax]] == NULL || [rax] == NULL"],
+                      effect: "execve(\"/bin/sh\", rsi, [rax])")
+

lib/one_gadget/builds/libc-2.30-4ab6143b59defc12c3d50d176c78b4e6e5a2c179.rb

@@ -0,0 +1,23 @@
+require 'one_gadget/gadget'
+# https://gitlab.com/david942j/libcdb/blob/master/libc/libc6-i386-2.30-4/lib32/libc-2.30.so
+# 
+# Intel 80386
+# 
+# GNU C Library (Debian GLIBC 2.30-4) stable release version 2.30.
+# Copyright (C) 2019 Free Software Foundation, Inc.
+# This is free software; see the source for copying conditions.
+# There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+# Compiled by GNU CC version 9.3.0.
+# libc ABIs: UNIQUE IFUNC ABSOLUTE
+# For bug reporting instructions, please see:
+# <http://www.debian.org/Bugs/>.
+
+build_id = File.basename(__FILE__, '.rb').split('-').last
+OneGadget::Gadget.add(build_id, 1307451,
+                      constraints: ["ebp is the GOT address of libc", "eax == NULL"],
+                      effect: "execl(\"/bin/sh\", eax)")
+OneGadget::Gadget.add(build_id, 1307452,
+                      constraints: ["ebp is the GOT address of libc", "[esp] == NULL"],
+                      effect: "execl(\"/bin/sh\", [esp])")
+

lib/one_gadget/builds/libc-2.31-b61d34c10e608722a90d339bd9a7ff28b18cd501.rb

@@ -0,0 +1,23 @@
+require 'one_gadget/gadget'
+# https://gitlab.com/david942j/libcdb/blob/master/libc/libc6-i386-2.31-0experimental0/lib32/libc-2.31.so
+# 
+# Intel 80386
+# 
+# GNU C Library (Debian GLIBC 2.31-0experimental0) stable release version 2.31.
+# Copyright (C) 2020 Free Software Foundation, Inc.
+# This is free software; see the source for copying conditions.
+# There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+# Compiled by GNU CC version 9.2.1 20200224.
+# libc ABIs: UNIQUE IFUNC ABSOLUTE
+# For bug reporting instructions, please see:
+# <http://www.debian.org/Bugs/>.
+
+build_id = File.basename(__FILE__, '.rb').split('-').last
+OneGadget::Gadget.add(build_id, 1310171,
+                      constraints: ["ebp is the GOT address of libc", "eax == NULL"],
+                      effect: "execl(\"/bin/sh\", eax)")
+OneGadget::Gadget.add(build_id, 1310172,
+                      constraints: ["ebp is the GOT address of libc", "[esp] == NULL"],
+                      effect: "execl(\"/bin/sh\", [esp])")
+

tasks/builds/generate.rake

@@ -77,7 +77,7 @@ OneGadget::Gadget.add(build_id, OFFSET,
     len = str[st..-1].index("\x00")
     return nil if len.nil?
 
-    fname = filename.sub('../libcdb', 'https://gitlab.com/libcdb/libcdb/blob/master')
+    fname = filename.sub('../libcdb', 'https://gitlab.com/david942j/libcdb/blob/master')
     {
       build_id: build_id,
       info: fname + "\n\n" + arch + "\n\n" + str[st, len]