
Comments (17)

sashs commented on May 19, 2024

At least your bug should be fixed now. However, the cache has to be deleted. You can do that by using the --clear-cache command.

from ropper.

sashs commented on May 19, 2024

Hi,

could you provide the test.exe?

Best
Sascha

sunny-lan commented on May 19, 2024

Alright, here it is:
https://drive.google.com/file/d/0B7AnNw--HBtWM3VMZ3RyU09xWmc/view?usp=sharing
Do you need the source code?

sashs commented on May 19, 2024

Thanks. No, I don't. The binary is enough. :)

sunny-lan commented on May 19, 2024

And I forgot to mention I am using Python 2.7.1...

sashs commented on May 19, 2024

I need more information, because I cannot reproduce that. It works perfectly for me. I tested it with python2.7.1 and the current version.

Which Windows version?

What is the output of this command print(__import__("sys").platform)?

sunny-lan commented on May 19, 2024

My Windows version is Windows 7, and the output of the command is win32.

sashs commented on May 19, 2024

Mh, strange.
I tested it on a freshly installed Windows. It works for me.
Which version of ropper did you use?

sunny-lan commented on May 19, 2024

I am using version 1.10.7...
Perhaps there is something wrong with my Python installation.

sashs commented on May 19, 2024

Have you tried it again with a new Python installation?

ashquarky commented on May 19, 2024

I'm getting this error too - tried reinstalling Python several times.

I'm trying to use an ELF for PowerPC (32 bit, big endian) using the latest master (320c242) on WSL (aka Bash on Ubuntu on Windows). Running Python 2.7.6, linux2. Fresh installs of capstone and filebytes, got 'em this morning. Any ideas? The executable is technically copyrighted but I'll look around for another file that causes a similar issue.

/bin/ls works fine.

Update: The file that doesn't work doesn't appear to have any section headers. Hmm.

sashs commented on May 19, 2024

Hi,

the current problem is that I cannot reproduce this issue. Can you provide the file? If not, I will try to create an ELF file without section headers.

user1029 commented on May 19, 2024

I had the same problem. In my case I resolved it after deleting files from C:\Users\user\Local Settings\Temp\ropper_cache.

bnbdr commented on May 19, 2024

Regarding the list index out of range error:

The path for the cache on Windows 10 is: %USERPROFILE%\.ropper\cache - clearing it helped.

@sashs, I think the issue with the IndexError (raised here) is happening because there aren't necessarily count processes in the list.

sashs commented on May 19, 2024

There are different changes in ropper, also in the cache. You can find it in the dev branch. Could someone retest this issue, please? I would like to close this issue.

eternaleclipse commented on May 19, 2024

Tested on:

  • Windows 10 standard cmd with Python 2.7.13
  • WSL with Python 2.7.13

Cannot reproduce.

Edit: After doing some more testing on dev branch:
This happens for every binary, only after searching for gadgets (i.e. --info doesn't trigger this exception).

To reproduce:

  • Clear the cache (delete %USERPROFILE%\.ropper)
  • Run the command twice or more

In the second run, output becomes unsynchronized.

Running tasklist | findstr /i python during the first run shows one python process, and every run after that is 2 python processes.

First run:

python Ropper.py -f test-binaries\ls-x86_64
[INFO] Load gadgets for section: PHDR
[LOAD] loading... 100%
[INFO] Load gadgets for section: LOAD
[LOAD] loading... 100%
[LOAD] removing double gadgets... 100%



Gadgets
=======


0x000000000041adfe: adc al, 0; add byte ptr [rax], ah; add edi, edi; jmp qword ptr [rbp];
0x000000000041ae79: adc al, 0; add byte ptr [rax], al; adc al, 0x15; add byte ptr [rax], al; rol byte ptr [rbx], 0xff; jmp qword ptr [rax];
0x000000000041b889: adc al, 0; add byte ptr [rax], al; and al, 0x1f; add byte ptr [rax], al; xor byte ptr [rdi + rdi*8], dh; call qword ptr [rdx];
0x000000000041b8a1: adc al, 0; add byte ptr [rax], al; cmp al, 0x1f; add byte ptr [rax], al; cmp byte ptr [rdi + rdi*8], dh; call qword ptr [rcx];
...

1258 gadgets found

Second run:

[INFO] Load gadgets from cache
[LOAD] loading... 0%[INFO] Load gadgets for section: PHDR
[LOAD] loading... 100%
[INFO] Load gadgets for section: LOAD
INFO][LOAD]  Lload gadgets for section: PHDRoading...
oading...[LOAD]  1l00%oading...
 [2INFO]% Load gadgets for section: LOAD
[LOAD] loading... 100%%ing... 79%%  87%6%
 [LOAD]l oading...r emoving double gadgets...1 00%2 729%0%
00%[LOAD]emoving double gadgets...r emoving double gadgets...6 2%1  692%9%
 removing double gadgets...
6

adgets
[LOAD]= ======
r
emoving double gadgets...
0[LOAD]x000000000041adfe: adc al, 0; add byte ptr [rax], ah; add edi, edi; jmp qword ptr [rbp];
removing double gadgets... 602%x000000000041ae79: adc al, 0; add byte ptr [rax], al; adc al, 0x15; add byte ptr [rax], al; rol byte ptr [rbx], 0xff; jmp qword ptr [rax];
[LOAD] removing double gadgets...0 x000000000041b889: adc al, 0; add byte ptr [rax], al; and al, 0x1f; add byte ptr [rax], al; xor byte ptr [rdi + rdi*8], dh; call qword ptr [rdx]; 6
[LOAD]0 x000000000041b8a1: adc al, 0; add byte ptr [rax], al; cmp al, 0x1f; add byte ptr [rax], al; cmp byte ptr [rdi + rdi*8], dh; call qword ptr [rcx]; r
emoving double gadgets... 62%0x000000000041b841: adc al, 0; add byte ptr [rax], al; fcomp qword ptr [rsi]; add byte ptr [rax], al; sub byte ptr [rdi + rdi*8], dh; call qword ptr [rdi];
[LOAD] removing double gadgets...0 x000000000041bb71: adc al, 0; add byte ptr [rax], al; or al, 0x22; add byte ptr [rax], al; fcom dword ptr [rdx - 1]; jmp qword ptr [rax]; 6
[LOAD]0 x000000000041ae7d: adc al, 0x15; add byte ptr [rax], al; rol byte ptr [rbx], 0xff; jmp qword ptr [rax]; r
emoving double gadgets... 602%x0000000000408614: adc al, 0x89; ret 0xe281;
[LOAD] 0rx0000000000412131: adc al, 0xb8; add dword ptr [rax], eax; add byte ptr [rax], al; ret; emoving double gadgets...
 602%x0000000000410fc5: adc al, 0xff; jmp qword ptr [rsi + 0xf];
[LOAD] 0rx000000000040c9c6: adc al, byte ptr [rax - 0x80]; int 0x80; emoving double gadgets...
 602%x000000000040e589: adc al, ch; ret 0xff3c;
[LOAD] 0rx000000000041106f: adc bh, bh; jmp qword ptr [rsi + 0x2e]; emoving double gadgets...
 602%x0000000000406bb9: adc bh, dh; ret 0x8080;
[LOAD] r0emoving double gadgets...x000000000040aae1: adc byte ptr [r11 + 9], sil; shl rax, 4; add rax, qword ptr [rbx]; pop rbx; ret;
x0000000000405e03: adc byte ptr [r8 + 1], cl; ror byte ptr [rax - 0x7d], 1; ret 0x4808; [LOAD]
 r0emoving double gadgets...x000000000040b25d: adc byte ptr [r8], r8b; ret;
0[LOAD]x000000000040b16e: adc byte ptr [rax + 0x39], cl; push rdi; or byte ptr [rdi - 0x46], dh; mov rax, rcx; ret;

...

0x0000000000404944: xor edx, edx; div rsi; mov rax, rdx; ret;
0x000000000040aab4: xor edx, edx; ror rax, 3; div rsi; mov rax, rdx; ret;
0x000000000040e6bf: xor edx, esi; mov dword ptr [rdi], edx; ret;

1258 gadgets found
Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "C:\python27\lib\multiprocessing\forking.py", line 381, in main
    self = load(from_parent)
  File "C:\python27\lib\pickle.py", line 1384, in load
    return Unpickler(file).load()
  File "C:\python27\lib\pickle.py", line 864, in load
    dispatch[key](self)
  File "C:\python27\lib\pickle.py", line 886, in load_eof
    raise EOFError
EOFError

I'm not exactly certain if this is the same bug though but it does look like the root cause is the same, or at least very related.

eternaleclipse commented on May 19, 2024

Yep 👍
