JonathanSalwan/ROPgadget

Does ROPgadget support analysis of raw binary image?

omicronns opened this issue · 9 comments

I'm trying to analyze a raw binary image dumped from an embedded device - system memory from an STM32 microcontroller. Does ROPgadget support this format? How do I enable it?

Help says it is supported:

formats supported:
  - ELF
  - PE
  - Mach-O
  - Raw

But when I try to execute it I'm getting an error:

ROPgadget --thumb --rawArch arm --binary stm32_sysmem.bin 
[Error] Binary format not supported

Yes, ROPgadget supports raw binaries. Do you use the latest ROPgadget version?

I'm using the Manjaro Linux repository version:

ROPgadget --version
Version:        ROPgadget v6.6
Author:         Jonathan Salwan
Author page:    https://twitter.com/JonathanSalwan
Project page:   http://shell-storm.org/project/ROPgadget

It works with the following command line:

ROPgadget --rawArch arm --rawMode thumb --rawEndian little --binary stm32_sysmem.bin 

Not sure what the --thumb switch does then.

I reproduced an issue:

ROPgadget --binary test-suite-binaries/raw-x86.raw --rawArch arm --thumb        
[Error] Binary format not supported

This seems to be a bug. Looking deeper to fix it.

Maybe the solution is just to remove this switch? It seems a bit redundant.

I am already writing a fix to support both ways.

The --thumb option is actually useful to search for thumb gadgets in an ELF binary.

Now the fixes are in master, and specifying either --thumb or --rawMode thumb is possible.