203 matches found
capstone/fuzz_disasmmaster: Crash in getRegisterName
Detailed report: https://oss-fuzz.com/testcase?key=5960154649460736 Project: capstone Fuzzer: aflcapstonefuzzdisasmmaster Fuzz target binary: fuzzdisasmmaster Job Type: aflasancapstone Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000100129beb Crash State: getRegisterName...
ROPgadget - This Tool Lets You Search Your Gadgets On Your Binaries To Facilitate Your ROP Exploitation
This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF/PE/Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC and MIPS architectures. Since the version 5, ROPgadget has a new core which is written in Python using Capstone disassembly...
Ropper - Display Information About Files In Different File Formats And You Can Find Gadgets To Build Rop Chains For Different Architectures (X86/X86_64, ARM/ARM64, MIPS, PowerPC)
You can use ropper to display information about binary files in different file formats and you can search for gadgets to build rop chains for different architectures x86/X8664, ARM/ARM64, MIPS/MIPS64, PowerPC. For disassembly ropper uses the awesome Capstone Framework. NOTE: I recommend to use th...
Shellen - Interactive Shellcoding Environment, In Which You Can Easily Craft Your Shellcodes
Shellen is an interactive shellcoding environment. If you want a handy tool to write shellcodes, then shellen may be your friend. Also, it can be used just as assembly/disassembly tool. It uses keystone and capstone engines for all provided operations. Shellen works only on python3. Maybe it will...
IDAsec - IDA plugin for reverse-engineering and dynamic interactions with the Binsec platform
IDA plugin for reverse-engineering and dynamic interactions with the Binsec platform Features Decoding an instruction in DBA IR Loading execution traces generated by Pinsec Triggering analyzes on Binsec and retrieving results Dependencies protobuf ZMQ capstone for trace disassembly graphviz to dr...
Cisco IOS SNMP Remote Code Execution
!/usr/bin/env python if False: ''' CVE-2017-6736 / cisco-sa-20170629-snmp Cisco IOS remote code execution =================== This repository contains Proof-Of-Concept code for exploiting remote code execution vulnerability in SNMP service disclosed by Cisco Systems on June 29th 2017 - Descriptio...
Capstone Integer Overflow Vulnerability
Capstone is a set of cross-platform disassembly framework of the U.S. Capstone company , it can support for binary analysis and reverse engineering of secure communications , etc. . An integer overflow vulnerability exists in the cswinkernelmalloc function in the winkernelmm.c file in Capstone...
PYSEC-2017-113
Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...
CVE-2017-6952
Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...
CVE-2017-6952
Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...
Integer overflow
Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...
CVE-2017-6952
Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...
PYSEC-2017-113
Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...
CVE-2017-6952
CVE-2017-6952 is a capability in Capstone prior to 3.0.5 where an integer overflow in the winkernel_malloc path (winkernel_mm.c) can lead to a heap-based buffer overflow in a kernel driver, enabling denial of service with partial/High impact. Public details identify Capstone 3.0.4 and earlier as ...
CVE-2017-6952
Integer overflow in the cswinkernelmalloc function in winkernelmm.c in Capstone 3.0.4 and earlier allows attackers to cause a denial of service heap-based buffer overflow in a kernel driver or possibly have unspecified other impact via a large value...
Interactive Disassembler: Plasma
Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code. PLASMA is an interactive disassembler. It can generate a more readable assembly pseudo code with colored syntax. You can write scripts with the available Python api. The project is still in big...
Instruction Trace Visualisation Tool: rgat
An instruction trace visualisation tool intended to help reverse engineers make the link between target behaviour and code. rgat uses dynamic binary instrumentation courtesy of DynamoRIO to produce graphs from running executables. It creates static and animated visualisations in realtime to suppo...
GEF - Multi-Architecture GDB Enhanced Features for Exploiters & Reverse-Engineers
GEF is aimed to be used mostly by exploiters and reverse-engineers. It provides additional features to GDB using the Python API to assist during the process of dynamic analysis or exploit development. GEF fully relies on GDB API and other Linux specific source of information such as /proc/pid . A...
Firmware Analysis Tool: Binwalk
Binwalk is a fast, easy to use tool for analyzing and extracting firmware images Firmware Analysis Tool Binwalk is: Fast Flexible Extendable Easy to use Binwalk can: Find and extract interesting files / data from binary images Find and extract raw compression streams Identify opcodes for a variet...
Lightweight Disassembly Framework: Capstone
Lightweight Disassembly Framework Capstone is a multi-platform, multi-architecture lightweight disassembly framework. Capstone Disassembly Engine v3.0 Released Our target is to make Capstone the ultimate disassembly engine for binary analysis and reversing in the security community. Features...