Dear all, I want to share with you a tool that I wrote for helping me find gadgets useful in ROP exploits.
bdasm is a PyCommand for Immunity Debugger (v 1.73) which can search the address space of a process for a certain opcode/instruction and disassemble backward and forward for a specified number of instructions. You can find more details for usage and examples here: http://stormsecurity.wordpress.com/2010/09/17/backward-disassembler-for-rop-exploitation/ If you find it useful or have any questions please drop me a comment. Regards, Adrian _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
