#!/bin/bash## Simple script for finding specific instructions within target's

1. #!/bin/bash
2. #
3. # Simple script for finding specific instructions within target's .text section
4. # even inside other ones (rolling byte-by-byte), like to be used during ROP
5. # building in Exploit development.
6. #
7. # Written as I was out of internet and needed such utility on a vanilla plain
8. # linux where all I had was binutils. :)
9. # Yup, it's not perfect, but allowed me to find JMP ESP in a blink of an eye.
10. #
11. # Mariusz B., 2016
12. #
13.  
14.  
15. if [ "$#" -lt "2" ]; then
16. echo "Usage: findInstr <file> <regexp> [grep-opts]"
17. exit 1
18. fi
19.  
20. FILE=$1
21. PATTERN=$2
22. OPTS=${@:3}
23.  
24. S=$(readelf -W -S $FILE | grep .text);
25. A=0x$(echo $S | awk '{print $4}');
26. B=0x$(echo $S | awk '{print $6}');
27.  
28. for (( i = 0 ; i < $B ; i++))
29. do
30. ADDR=$(printf "0x%08X" $(($A + $i)) );
31. objdump -j .text -D -M intel --start-address $ADDR $FILE | grep -vE "^$" | grep -vE "<|>|Disassembly|file|format" 2>&1
32. done | grep --color=always $OPTS -iE "$PATTERN" | sed -r 's/DWORD|FWORD|WORD|BYTE|PTR//g' | sort -u