This new, advanced ROP framework made it debute at at DEF CON 31 with some unprecedented capabilities.
ROCKET generates several types of chains, and it provides new patterns or techniques.
Please note that this is still a work in progress, with some updated and enhanced capabilities to be added.
Updates should be regular. If you encounter issues, please put them on issues or email me with them, and I will get them sorted.
Additional, alternate ways of generating certain types of gadgets will also be added.
Work is ongoing with new capabilities regularly added at present. Please check back on a regular basis.
ROP ROCKET is very powerful with some unique capabilities, which includes the following:
This should be installed as a local package. There is a setup.py file. In order to do this, just go to the directory and enter the following command: py -m pip install -e ./
Depending on your Python installation, you may need to vary that slightly. If you go view installed packages, you should see ROP-ROCKET appear: py -m pip list
It is belelived that all required dependencies are included, but if you encounter any issues – due to the newness of this release, just open an issue, and we will look into it.
Just simply run it from the command line:py rop2.py rop_tester_syscall.exe
A fully exploitable rop_tester_syscall.exe is included as a zip file as well.
This was developed just to help make sure that all gadgets are being found and not missed.
This tool was inspired by the much older JOP ROCKET, which I wrote for part of my Ph.D. dissertation and released at DEF CON 27 in 2019.
That led to a lot of further development on JOP and many new JOP capabilities, as well as providing extensive documentation on the mechancis and usage of JOP in different papers.
That tool is a little outdated at the moment – it is an older style of Python. With this new research, part of this inspiration is to try and do something novel and different in the area of ROP.
We have fulfilled that mandate so far. So in a way this tool is inspired by a JOP tool, allowing us to maybe try and think outside the box and in less conventional ways than we normally would with ROP. ROP ROCKET does not have any JOP capabilities – it is strictly devoted to ROP. The only fully dedicated JOP tool is JOP ROCKET, as everything else just kind of has a placeholder for future work on JOP.
Anyway, I wanted to clarify this historical information, so that the similarity in names does not confuse anyone, as these are two very different and unrelated tools.
For more information click here.
Scan your source code and infra IaC against top security risks Betterscan is a orchestration toolchain that…
SQLRecon is a Microsoft SQL Server toolkit that is designed for offensive reconnaissance and post-exploitation.…
PoC for onMouseMove HTML file used in the Russian APT Group campaign targeting Ukraine The…
AWS CDK uses the familiarity and expressive power of programming languages for modeling your applications. It…
The docker container runtime must be used to complete some of the included scenarios. K3s…
Azure Kubernetes Services (AKS) is Microsoft's managed kubernetes offering running on Azure. Explore the robust capabilities…