[PATCH] gnu: Add ROPgadget.

Done. Submitted by Jakub Kądziołka.
Details
2 participants
  • Jack Hill
  • Jakub Kądziołka
Owner
unassigned
Severity
normal
Jakub Kądziołka wrote on 24 Mar 00:52 +0100
(address . guix-patches@gnu.org)
20200323235209.25030-1-kuba@kadziolka.net
* gnu/packages/engineering.scm (ropgadget): New variable.
---
 gnu/packages/engineering.scm | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
Toggle diff (35 lines)diff --git a/gnu/packages/engineering.scm b/gnu/packages/engineering.scmindex 28a30a6831..bacfc2fbf6 100644--- a/gnu/packages/engineering.scm+++ b/gnu/packages/engineering.scm@@ -1306,6 +1306,28 @@ bindings for Python, Java, OCaml and more.") (define-public python2-capstone (package-with-python2 python-capstone)) +(define-public ropgadget+ (package+ (name "ropgadget")+ (version "6.2")+ (source+ (origin+ (method url-fetch)+ (uri (pypi-uri "ROPGadget" version))+ (sha256+ (base32+ "0idiicgpijar9l9kqmfdh865c2mkfgxg0q7lpz77jc09l6q0afjh"))))+ (build-system python-build-system)+ (propagated-inputs+ `(("python-capstone" ,python-capstone)))+ (home-page "http://shell-storm.org/project/ROPgadget/")+ (synopsis+ "Gadget finder and auto-roper")+ (description+ "This tool lets you search for gadgets in binaries to help with ROP+chain construction.")+ (license license:bsd-3)))+ (define-public radare2 (package (name "radare2")-- 2.25.2
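Review bot: the home-page field of the added ropgadget definition points at "http://shell-storm.org/project/ROPgadget/" over plain HTTP; if upstream serves the same page over HTTPS, use the https:// URL so that the link shown to users is not followed over an unauthenticated channel. The fetched source is pinned by the sha256 base32 hash in the origin, so this concerns only the link, not the integrity of the tarball. Separately, the synopsis "Gadget finder and auto-roper" relies on jargon that the description does not define.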
Jack Hill wrote on 24 Mar 16:18 +0100
(name . Jakub Kądziołka)(address . kuba@kadziolka.net)(address . 40203@debbugs.gnu.org)
alpine.DEB.2.20.2003241115350.5735@marsh.hcoop.net
On Tue, 24 Mar 2020, Jakub Kądziołka wrote:
[snip]
> + (description
> + "This tool lets you search for gadgets in binaries to help with ROP
> +chain construction.")
Perhaps we should expand what ROP means here. I was able to figure it out with some searching, but it would probably help non-domain experts know what this package is for.
I believe such a change would be in line with what the Guix manual recommends: https://guix.gnu.org/manual/en/html_node/Synopses-and-Descriptions.html
Best,
Jack
Jakub Kądziołka wrote on 24 Mar 17:34 +0100
(name . Jack Hill)(address . jackhill@jackhill.us)(address . 40203@debbugs.gnu.org)
20200324163448.fhjxatikhb7yovj2@gravity
On Tue, Mar 24, 2020 at 11:18:05AM -0400, Jack Hill wrote:
> On Tue, 24 Mar 2020, Jakub Kądziołka wrote:
>
> [snip]
>
> > + (description
> > + "This tool lets you search for gadgets in binaries to help with ROP
> > +chain construction.")
>
> Perhaps we should expand what ROP means here. I was able to figure it out
> with some searching, but it would probably help non-domain experts know what
> this package is for.
Thanks, I totally forgot about non-domain experts when writing that description. What do you think about this revised version?

    (synopsis "Semiautomatic return oriented programming")
    (description
     "This tool lets you search for @acronym{ROP, Return Oriented Programming}
    gadgets in binaries. Some facilities are included for automatically generating
    chains of gadgets to execute system calls.")

Also, is the file in which I've put this package right? I chose that place because that's where radare2 is, and it has a relatively similar purpose. However, radare2 is a loose fit already, so ROPgadget would be two steps removed from the original purpose of the file...

Regards,
Jakub Kądziołka

Jack Hill wrote on 24 Mar 17:53 +0100
(name . Jakub Kądziołka)(address . kuba@kadziolka.net)(address . 40203@debbugs.gnu.org)
alpine.DEB.2.20.2003241237260.5735@marsh.hcoop.net
On Tue, 24 Mar 2020, Jakub Kądziołka wrote:
> On Tue, Mar 24, 2020 at 11:18:05AM -0400, Jack Hill wrote:
>> On Tue, 24 Mar 2020, Jakub Kądziołka wrote:
>>
>> [snip]
>>
>>> + (description
>>> + "This tool lets you search for gadgets in binaries to help with ROP
>>> +chain construction.")
>>
>> Perhaps we should expand what ROP means here. I was able to figure it out
>> with some searching, but it would probably help non-domain experts know what
>> this package is for.
>
> Thanks, I totally forgot about non-domain experts when writing that
> description. What do you think about this revised version?
>
> (synopsis "Semiautomatic return oriented programming")
> (description
> "This tool lets you search for @acronym{ROP, Return Oriented Programming}
> gadgets in binaries. Some facilities are included for automatically generating
> chains of gadgets to execute system calls.")
That makes it clearer to me, thanks!
> Also, is the file in which I've put this package right? I chose that
> place because that's where radare2 is, and it has a relatively
> similar purpose. However, radare2 is a loose fit already, so ROPgadget
> would be two steps removed from the original purpose of the file...
Indeed. (Package) organization is difficult. I don't think I have any useful insights.
Best,
Jack
Jakub Kądziołka wrote on 26 Mar 22:55 +0100
[PATCH v2] gnu: Add ROPgadget.
(address . 40203@debbugs.gnu.org)(address . jackhill@jackhill.us)
20200326215529.12389-1-kuba@kadziolka.net
* gnu/packages/cybersecurity.scm: New file.
(ropgadget): New variable.
* gnu/local.mk (GNU_SYSTEM_MODULES): Register the file.
---
I have decided to move the package to a separate file. I don't recall ever doing that before, so I'm sending the package for another, hopefully quick, round of review.

 gnu/local.mk                   |  1 +
 gnu/packages/cybersecurity.scm | 46 ++++++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+)
 create mode 100644 gnu/packages/cybersecurity.scm
Toggle diff (66 lines)diff --git a/gnu/local.mk b/gnu/local.mkindex 07b159c4fe..0a406dffa0 100644--- a/gnu/local.mk+++ b/gnu/local.mk@@ -138,6 +138,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/cups.scm \ %D%/packages/curl.scm \ %D%/packages/cvassistant.scm \+ %D%/packages/cybersecurity.scm \ %D%/packages/cyrus-sasl.scm \ %D%/packages/databases.scm \ %D%/packages/datamash.scm \diff --git a/gnu/packages/cybersecurity.scm b/gnu/packages/cybersecurity.scmnew file mode 100644index 0000000000..aedac03b8a--- /dev/null+++ b/gnu/packages/cybersecurity.scm@@ -0,0 +1,46 @@+;;; GNU Guix --- Functional package management for GNU+;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>+;;;+;;; This file is part of GNU Guix.+;;;+;;; GNU Guix is free software; you can redistribute it and/or modify it+;;; under the terms of the GNU General Public License as published by+;;; the Free Software Foundation; either version 3 of the License, or (at+;;; your option) any later version.+;;;+;;; GNU Guix is distributed in the hope that it will be useful, but+;;; WITHOUT ANY WARRANTY; without even the implied warranty of+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the+;;; GNU General Public License for more details.+;;;+;;; You should have received a copy of the GNU General Public License+;;; along with GNU Guix. 
If not, see <http://www.gnu.org/licenses/>.++(define-module (gnu packages cybersecurity)+ #:use-module (guix download)+ #:use-module (guix packages)+ #:use-module ((guix licenses) #:prefix license:)+ #:use-module (guix build-system python)+ #:use-module (gnu packages engineering))++(define-public ropgadget+ (package+ (name "ropgadget")+ (version "6.2")+ (source+ (origin+ (method url-fetch)+ (uri (pypi-uri "ROPGadget" version))+ (sha256+ (base32+ "0idiicgpijar9l9kqmfdh865c2mkfgxg0q7lpz77jc09l6q0afjh"))))+ (build-system python-build-system)+ (propagated-inputs+ `(("python-capstone" ,python-capstone)))+ (home-page "http://shell-storm.org/project/ROPgadget/")+ (synopsis "Semiautomatic return oriented programming")+ (description+ "This tool lets you search for @acronym{ROP, Return Oriented Programming}+gadgets in binaries. Some facilities are included for automatically generating+chains of gadgets to execute system calls.")+ (license license:bsd-3)))-- 2.25.2
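Review bot: in the new gnu/packages/cybersecurity.scm, the "#:use-module (gnu packages engineering)" line exists only so that python-capstone in propagated-inputs resolves, and nothing in the file says so. A short comment next to that import would tell a later editor why a security module depends on the engineering module, and what to update if capstone is ever moved out of engineering.scm. The home-page field is also still a plain http:// URL; prefer https:// if upstream serves it.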
Jakub Kądziołka wrote on 26 Mar 23:26 +0100
(address . 40203-done@debbugs.gnu.org)
20200326222643.26tbnv4tltbs75lx@gravity
Pushed as commit 60eee3e6de2a11b425496bbdf90bfe1f807c8f49 after a review from ngz on IRC.

Closed