Powershell ROP Searcher wrapper rp++

During my exploit development training, I noticed across the few DEP-bypass POCs I wrote that a handful of assembly instructions come up again and again when building the ROP chain, so I decided to write a PowerShell script to automate the search for them.

The script is by no means a replacement for a manual search; it is just there to speed things up and give a more focused starting point, surfacing the meaningful gadgets when building the ROP chain to defeat DEP.

You can download the script from my GitHub: PowerShell ROP Searcher.

How to use?

  1. You need to set the full path to the rp++ binary in the script, on line 29, for example:

    $rpbinpath = "C:\rp++\rp-win-x86.exe"
    
  2. Then run the script as follows, specifying the module to scan with the -dllfile parameter and the filename for the results with the -ropfile parameter:

    .\Get-RopGadgets.ps1 -dllfile .\msvcrt.dll -ropfile results.txt