{"id":13755616,"url":"https://github.com/lucasg/idarop","last_synced_at":"2025-04-13T08:53:05.617Z","repository":{"id":62570229,"uuid":"99731982","full_name":"lucasg/idarop","owner":"lucasg","description":"ROP database plugin for IDA","archived":false,"fork":false,"pushed_at":"2018-06-05T19:52:47.000Z","size":550,"stargazers_count":31,"open_issues_count":1,"forks_count":6,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-17T20:41:17.329Z","etag":null,"topics":["database","ida","ida-plugin","rop-gadgets"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lucasg.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-08-08T20:09:38.000Z","updated_at":"2024-11-08T14:54:16.000Z","dependencies_parsed_at":"2022-11-04T00:46:09.653Z","dependency_job_id":null,"html_url":"https://github.com/lucasg/idarop","commit_stats":null,"previous_names":[],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lucasg%2Fidarop","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lucasg%2Fidarop/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lucasg%2Fidarop/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lucasg%2Fidarop/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lucasg","download_url":"https://codeload.github.com/lucasg/idarop/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248688543,"owners_count":21145763,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["database","ida","ida-plugin","rop-gadgets"],"created_at":"2024-08-03T10:00:58.377Z","updated_at":"2025-04-13T08:53:05.584Z","avatar_url":"https://github.com/lucasg.png","language":"Python","funding_links":[],"categories":["\u003ca id=\"1ded622dca60b67288a591351de16f8b\"\u003e\u003c/a\u003e漏洞"],"sub_categories":["\u003ca id=\"cf2efa7e3edb24975b92d2e26ca825d2\"\u003e\u003c/a\u003eROP"],"readme":"Idarop : a ROP database plugin for IDA\r\n=========\r\n\r\n`Idarop` is an IDA plugin which list and store all the ROP gadgets presents within the opened binary. The codebase is vastly copied from the unmaintained IDA plugin [`idaploiter`](https://github.com/iphelix/ida-sploiter). However `idasploiter` is built to work at runtime (lifting IDA debugger API), whereas `idarop` is aimed for a more static approach. \r\n\r\nWhile there is an incredible variety of ROP assisting tools ([just grep ROP in that list](http://www.capstone-engine.org/showcase.html)), most of them just output the found gadgets in the console which makes storing and searching through them a hassle. `idarop` aims to capitalize on the `idb` file format (and IDA) to store ROP gagdets along RE informations (assembly annotations, type infos, etc.) :\r\n\r\n\u003cp align=\"center\"\u003e\r\n\u003cimg alt=\"Listing ROP Gadgets in a specific list view in IDA\" src=\"screenshots/ListingGadgets.PNG\"/\u003e\r\n\u003c/p\u003e\r\n\r\nUsing IDA to view gadgets allows the user to take advantage of the \"advanced\" list filtering IDA provides : in the following picture, only gadgets having a `0xff` opcode and less than 4 bytes are shown (and the ones touching `esp` are highlighted).\r\n\r\n\u003cp align=\"center\"\u003e\r\n\u003cimg alt=\"Filtering ROP Gadgets using IDA Filters Tool\" src=\"screenshots/FilteringGadgets.PNG\"/\u003e\r\n\u003c/p\u003e\r\n\r\nNB : This plugin only works on `x86` binaries.\r\n\r\n## Dependencies\r\n\r\n`idarop` rely on [`ida-netnode`](https://github.com/williballenthin/ida-netnode) to store found gadgets address in the `.idb` database. If `netnode` not installed, the ROP search results will just be discarded at IDA's exit. \r\n\r\n## Usage\r\n\r\n`idarop` provides two shortucts :\r\n\r\n* `Maj+R` to list found ROP gadgets  \r\n* `Ctrl+Maj+R` to do a new gadgets search (wipes previous results)\r\n\r\n\u003cp align=\"center\"\u003e\r\n\u003cimg alt=\"Searching ROP gadgets within IDA\" src=\"screenshots/SearchForGadgets.PNG\"/\u003e\r\n\u003c/p\u003e\r\n\r\n( The search configuration and UI is copied and adapted from `idasploiter`)\r\n\r\n## Install\r\n\r\n`idarop` is on Pypi, so you can pip from it.\r\n\r\nOn Windows:\r\n\r\n* `C:\\Python27\\Scripts\\pip2.7.exe install idarop --install-option=\"--ida\"`\r\n* `C:\\Python27\\Scripts\\pip2.7.exe install idarop --install-option=\"--ida=\"6.9\"\"`\r\n\r\nIda is installed in the Program Files folder, so you need to run this command with Administrator rights.\r\n\r\n\r\nAlternatively, you can clone the repo and type \"`C:\\Python27\\python.exe setup.py install --ida`\". `idarop` use a \"clever\" [`__ida_setup__.py`](https://github.com/lucasg/idasetup) script to override the traditionnal `distools` `install` command to install the plugin in the correct IDA plugins directory.\r\n\r\n## Credits\r\n\r\nSince this project is largely a ersatz of it, it would be criminal of me not to thanks [Peter Kacherginsky](https://thesprawl.org/) for its work on `idasploiter`.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flucasg%2Fidarop","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flucasg%2Fidarop","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flucasg%2Fidarop/lists"}