Features:
handling non-return gadgets (jmp reg, call reg)
set registers (rdi=0xxxxxx, rsi=0xxxxxx)
set register to register (rdi=rax)
write to mem
write string/bytes to mem
function call (open('/etc/passwd',0))
pass register in function call (read('rax', bss, 0x100))
avoiding badchars is experimental (need more tests, seetests/)
[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入!
