Hello,
I just wanted to announce the release of scrabble.idc, an IDC script that finds refactorable code parts that could be used during exploitation (e.g. RET2ESP, RET2POP, RET2RET and so on).
It currently supports:
//
// Configuration options
//
// - FIND_ALL : Finds all of the above
// - FIND_RET : Finds RET instruction
// - FIND_POP_RET : Finds POPs followed by a RET sequence
// - FIND_CALL_REGS : Finds CALLs to register instruction
// - FIND_JMP_REGS : Finds JMPs to register instruction
//
You can get it @ http://www.tty64.org/code/ida-scripts/scrabble.idc
Feedback and comments are always welcome.
- Itzik