
Searching for ROP Gadgets with PowerShell


A few years ago I decided to use PowerShell more and more instead of doing most of my work in Python. The problem with Python on Windows is that you have to install the interpreter first, whereas PowerShell ships with the operating system.

When building ROP chains, I like to use PowerShell to search the gadget dump for what I need.

Get-Content reads a file (its alias is gc). You can pipe its output to Select-String, which searches each line for the pattern you want; the -AllMatches parameter makes it report every match on a line rather than only the first. Select-String treats the pattern as a regular expression out of the box (use -SimpleMatch if you want a literal string instead).

Example 1

Get-Content .\file.txt | Select-String ".*sub esp.*ret" -AllMatches

In the second example we look for "add esp, 0x....." gadgets whose immediate contains a value from 5 to 10, looping over that range with ForEach-Object (alias %) and searching for each value in turn. Because the pattern is double-quoted, $_ is expanded to the current number before Select-String sees it. Note that this pattern is deliberately loose: the .* between 0x and $_ lets the number match anywhere later on the line, not only in the immediate, and 10 is not a single hex digit, so it matches the two-character substring "10". It is a quick filter to eyeball, not a precise parse.

Example 2

5..10 | % { Get-Content .\PowerManagementCtrl_Rop.txt | Select-String  ".*add esp, 0x.*$_.*ret" -AllMatches }
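As an added example (not code from the original post), the following PowerShell function tightens the two one-liners above: it reads the dump once, anchors the regex so the immediate is taken from the "add esp, 0x..." operand itself rather than from anything later on the line, converts it to a number so you can filter on a size range, and drops gadgets whose address contains bad bytes. The function name Find-AddEspGadget, the sample dump, the default bad-byte set, and the assumed line layout "0x<addr>: <instr> ; ret" (what rp++ and similar tools emit) are my assumptions; adjust $pattern for a different dump format.

```powershell
# Added example, not code from the original post. Reads the gadget dump once,
# parses "add esp, 0x<imm> ; ret" lines, filters on the adjustment size and
# rejects addresses that contain bad bytes.
#
# Assumption: one gadget per line in the form
#   0x10012345: add esp, 0x1c ; ret
# Adjust $pattern below for other layouts.

function Find-AddEspGadget {
    param(
        [Parameter(Mandatory)] [string[]] $Lines,
        [int]    $MinAdjust = 0x08,                # smallest stack adjustment worth keeping
        [int]    $MaxAdjust = 0x100,               # largest adjustment you are willing to pad
        [byte[]] $BadBytes  = @(0x00, 0x0a, 0x0d)  # bytes the target's input filter would mangle
    )

    # Named groups: addr = gadget address, imm = immediate of the add.
    # "\s*;\s*ret\b" directly after the immediate rejects gadgets that have
    # extra instructions between the add and the ret.
    $pattern = '^(?<addr>0x[0-9a-fA-F]{8}):\s*add esp,\s*0x(?<imm>[0-9a-fA-F]+)\s*;\s*ret\b'

    foreach ($hit in ($Lines | Select-String -Pattern $pattern)) {
        $groups = $hit.Matches[0].Groups
        $addr   = [Convert]::ToUInt32($groups['addr'].Value, 16)
        $imm    = [Convert]::ToInt32($groups['imm'].Value, 16)

        if ($imm -lt $MinAdjust -or $imm -gt $MaxAdjust) { continue }

        # Little-endian bytes of the address, as they would sit in the chain.
        $addrBytes = [BitConverter]::GetBytes($addr)
        $bad = $false
        foreach ($b in $addrBytes) {
            if ($BadBytes -contains $b) { $bad = $true; break }
        }
        if ($bad) { continue }

        [pscustomobject]@{
            Address = ('0x{0:x8}' -f $addr)
            Adjust  = $imm
            Gadget  = $hit.Line.Trim()
        }
    }
}

# Constructed sample dump (not real gadgets) so the function can be tried offline.
$sampleText = @'
0x10012345: add esp, 0x1c ; ret
0x1001abcd: add esp, 0x0c ; pop ebx ; ret
0x1000a00b: sub esp, 0x10 ; ret
0x10023456: add esp, 0x200 ; ret
0x1002000a: add esp, 0x08 ; ret
'@
$sampleDump = $sampleText -split '\r?\n'

# Only 0x10012345 survives: 0x1001abcd has a pop before the ret, 0x1000a00b is
# a sub, 0x200 exceeds MaxAdjust, and address 0x1002000a contains 0x0a and 0x00.
Find-AddEspGadget -Lines $sampleDump | Format-Table -AutoSize

# Against a real dump:
# Find-AddEspGadget -Lines (Get-Content .\PowerManagementCtrl_Rop.txt) -MinAdjust 0x10 -MaxAdjust 0x40
```

Returning objects instead of matched text means you can keep piping: Sort-Object Adjust to find the smallest usable pivot, or Where-Object to apply further conditions, without writing another regex.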

There are two PowerShell books that changed my life and that I recommend buying if you are interested:

Books

  • Learn PowerShell in a Month of Lunches, Fourth Edition: Covers Windows, Linux, and macOS
  • PowerShell Cookbook: Your Complete Guide to Scripting the Ubiquitous Object-Based Shell