dnrops
/
one_gadget
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add libc in 0ctf-final

This commit is contained in:
david942j 2017-06-06 23:54:03 +08:00
parent 77bd4c9ec8
commit aee8022b09
2 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
builds_list
View File

@ -153,6 +153,7 @@ libc-2.19-87805ebef970b79b4a1fb5facb43719a26c335af
libc-2.19-887a7db21e668f6153604d9e00d1026137f777ee
libc-2.19-8b05579712ebaea7cae547f4fc461c0828e9c446
libc-2.19-8c5d5643cd08bc078f22310103f7c6af4ed37921
libc-2.19-8dbcbca713ca58e2c7e4970e8218d536154bb64e
libc-2.19-8e4150ea59c3a6fdc9f001ba17274f7c48e4be21
libc-2.19-8fa762223d6b8ee6d47af7455c691a5e238c8209
libc-2.19-90b068141be8b0f52ef8dc93e8327cda87a632bc

36
lib/one_gadget/builds/libc-2.19-8dbcbca713ca58e2c7e4970e8218d536154bb64e.rb Normal file
View File

@ -0,0 +1,36 @@
require 'one_gadget/gadget'
# Advanced Micro Devices X86-64
#
# GNU C Library (Debian GLIBC 2.19-18+deb8u9) stable release version 2.19, by Roland McGrath et al.
# Copyright (C) 2014 Free Software Foundation, Inc.
# This is free software; see the source for copying conditions.
# There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
# Compiled by GNU CC version 4.8.4.
# Compiled on a Linux 3.16.39 system on 2017-04-29.
# Available extensions:
# crypt add-on version 2.1 by Michael Glad and others
# GNU Libidn by Simon Josefsson
# Native POSIX Threads Library by Ulrich Drepper et al
# BIND-8.2.3-T5B
# libc ABIs: UNIQUE IFUNC
# For bug reporting instructions, please see:
# <http://www.debian.org/Bugs/>.
build_id = File.basename(__FILE__, '.rb').split('-').last
OneGadget::Gadget.add(build_id, 267124,
constraints: ["[rsp+0x30] == NULL"],
effect: "execve(\"/bin/sh\", rsp+0x30, environ)")
OneGadget::Gadget.add(build_id, 765053,
constraints: ["[rsi] == NULL || rsi == NULL", "[r12] == NULL || r12 == NULL"],
effect: "execve(\"/bin/sh\", rsi, r12)")
OneGadget::Gadget.add(build_id, 765132,
constraints: ["[[rbp-0x48]] == NULL || [rbp-0x48] == NULL", "[r12] == NULL || r12 == NULL"],
effect: "execve(\"/bin/sh\", [rbp-0x48], r12)")
OneGadget::Gadget.add(build_id, 880247,
constraints: ["[rsp+0x70] == NULL"],
effect: "execve(\"/bin/sh\", rsp+0x70, environ)")
OneGadget::Gadget.add(build_id, 895568,
constraints: ["[r9] == NULL || r9 == NULL", "[rdx] == NULL || rdx == NULL"],
effect: "execve(\"/bin/sh\", r9, rdx)")