Inspiration
Next quarter i will be taking the computer security class and a graduate level class on disassembly/binary analysis so i wanted to learn more about the low level aspects of computer security.
What it does
When using ROP, an attacker uses their control over the stack right before the return from a function to direct code execution to some other location in the program. This looks for specific combinations of instructions called gadgets which will do this.
How I built it
This is written in python using capstone disassembly framework
Challenges I ran into
At first i tried using regular expressions for finding multi line patterns, but that didnt work out. Initially i was planning to use objdump, but i didn't like the way it would output the disassembly. Also getting the files to properly disassemble with intel syntax correctly using capstone was hard at first.
Accomplishments that I'm proud of
This can search for and find specific instruction combinations which can form useful gadgets.
What I learned
I learned about x86 assembly code, disassembly, calling conventions
What's next for Inspector_Gadget
Improving the user interface and adding a more interactive search so users can find new gadget chains easily.
Log in or sign up for Devpost to join the conversation.