found a bug in rop.plt()

Question

found a bug in rop.plt()

bruce30262 opened this issue 9 years ago · comments

Hi, I found some strange bug in the function that get the plt address in the binary

>>> from pwn import *
>>> elf = ELF("./binary")
>>> print hex(elf.symbols['puts'])
0x8048660
>>> import roputils
>>> rop = roputils.ROP("./binary")
>>> print hex(rop.plt('puts'))
0x8048670
>>>

As you can see, I'm using both pwntools & roputils
I expect pwntools' elf.symbols['puts'] will be the same as roputils' rop.plt('puts') , but in fact they output different results.
More importantly, roputils seems to have the wrong plt address. The puts plt address is 0x08048660, not 0x8048670.

Due to some reason, I can't post the testing binary here, can you send me an email (bruce30262[at]gmail.com), so I can send you the testing binary & help you fix the problem?
Thanks!

inaz2 · Answer 1 · Thu Dec 17 2015 19:03:58 GMT+0800 (China Standard Time)

I have changed the calculation of PLT addresses.
Please check it out.

Bruce Chen · Answer 2 · Thu Dec 17 2015 20:09:42 GMT+0800 (China Standard Time)

Works fine now :)
Thanks for fixing the problem !