{"id":13598758,"url":"https://github.com/0vercl0k/rp","last_synced_at":"2025-05-14T03:10:07.436Z","repository":{"id":2573889,"uuid":"3554173","full_name":"0vercl0k/rp","owner":"0vercl0k","description":"rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.","archived":false,"fork":false,"pushed_at":"2025-04-26T17:42:13.000Z","size":20521,"stargazers_count":1920,"open_issues_count":4,"forks_count":257,"subscribers_count":68,"default_branch":"master","last_synced_at":"2025-04-26T18:30:47.782Z","etag":null,"topics":["binary-exploitation","exploit-development","exploitation-framework","gadget","return-oriented-programming","rop","rop-chain","rop-gadgets"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0vercl0k.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"0vercl0k"}},"created_at":"2012-02-26T19:26:33.000Z","updated_at":"2025-04-26T17:42:13.000Z","dependencies_parsed_at":"2022-07-11T19:49:59.571Z","dependency_job_id":"f26b9edc-0d1c-4ee0-aa0a-7b203f5b9980","html_url":"https://github.com/0vercl0k/rp","commit_stats":{"total_commits":155,"total_committers":13,"mean_commits":"11.923076923076923","dds":"0.23225806451612907","last_synced_commit":"2f45c4fbf3b489f1653aba35036bfeab03384542"},"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0vercl0k%2Frp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0vercl0k%2Frp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0vercl0k%2Frp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0vercl0k%2Frp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0vercl0k","download_url":"https://codeload.github.com/0vercl0k/rp/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254059511,"owners_count":22007769,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["binary-exploitation","exploit-development","exploitation-framework","gadget","return-oriented-programming","rop","rop-chain","rop-gadgets"],"created_at":"2024-08-01T17:00:55.912Z","updated_at":"2025-05-14T03:10:02.401Z","avatar_url":"https://github.com/0vercl0k.png","language":"C++","funding_links":["https://github.com/sponsors/0vercl0k"],"categories":["C++","others"],"sub_categories":[],"readme":"# rp++: a fast ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries\n\n![Builds](https://github.com/0vercl0k/rp/workflows/Builds/badge.svg)\n\n## Overview\n\n**rp++** or **rp** is a C++ [ROP](https://en.wikipedia.org/wiki/Return-oriented_programming) gadget finder for [PE](https://docs.microsoft.com/en-us/windows/win32/debug/pe-format)/[ELF](https://en.wikipedia.org/wiki/Executable_and_Linkable_Format)/[Mach-O](https://en.wikipedia.org/wiki/Mach-O) executables and x86/x64/ARM/ARM64 architectures.\n\n\u003cp align='center'\u003e\n\u003cimg src='pics/rp.gif'\u003e\n\u003c/p\u003e\n\n## Finding ROP gadgets\n\nTo find ROP gadget you need to specify a file with the `--file` / `-f` option and use the `--rop` / `-r` option specifying the maximum the number of instructions in the gadget:\n\n\u003cp align='center'\u003e\n\u003cimg src='pics/rp-r.gif'\u003e\n\u003c/p\u003e\n\nYou can customize the base address of the module with the `--va` option (if you pass a base of `0`, then you get relative offsets) and you can also use the `--raw` option to analyze raw code dumps.\n\n## Finding pointers\n\nOftentimes when building ROP chains, you might need to find pointers to integers with specific values. To look for those, you can use the `--search-int` option like in the below:\n\n\u003cp align='center'\u003e\n\u003cimg src='pics/rp-sint.gif'\u003e\n\u003c/p\u003e\n\nOther times, you might need to find pointers to specific strings. To look for those, you can use the `--search-hexa` option like in the below:\n\n\u003cp align='center'\u003e\n\u003cimg src='pics/rp-shexa.gif'\u003e\n\u003c/p\u003e\n\nYou can also use the `--va` option to specify your own base address.\n\n## Build\n\nYou can find shell scripts in [src/build](src/build) for every supported platforms; below is the Linux example:\n\n```\nsrc/build$ chmod u+x ./build-release.sh \u0026\u0026 ./build-release.sh\n-- The C compiler identification is GNU 9.3.0\n-- The CXX compiler identification is GNU 9.3.0\n[...]\n[16/16] Linking CXX executable rp-lin-x64\n```\n\n## Authors\n\n* Axel '[0vercl0k](https://twitter.com/0vercl0k)' Souchet\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0vercl0k%2Frp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0vercl0k%2Frp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0vercl0k%2Frp/lists"}