fgsahoward · June 11, 2018 17:40
diff --git a/med64_debugging1 b/med64_debugging1
 [howard@sterling bof]$ gcc -o med64 -fno-stack-protector med.c
 [howard@sterling bof]$ ../rp/rp-lin-x64 -f ./med64 --atsyntax -r 3
 Trying to open './med64'..
 Loading ELF information..
 FileFormat: Elf, Arch: x64
 Using the AT&T syntax..

 Wait a few seconds, rp++ is looking for gadgets..
 in PHDR
 0 found.

 in LOAD
 103 found.

 A total of 103 gadgets found.
 0x00400532: adcb %ah, 0x00(%rax) ; jmpq *%rax ;  (1 found)
 0x00400580: adcb %ah, 0x00(%rax) ; jmpq *%rax ;  (1 found)
 ...
 0x004006ce: popq %r13 ; popq %r14 ; popq %r15 ; ret  ;  (1 found)
 0x004006d0: popq %r14 ; popq %r15 ; ret  ;  (1 found)
 0x004006d2: popq %r15 ; ret  ;  (1 found)
 0x004006cf: popq %rbp ; popq %r14 ; popq %r15 ; ret  ;  (1 found)
 0x00400540: popq %rbp ; ret  ;  (1 found)
 0x004006d3: popq %rdi ; ret  ;  (1 found)
 0x004006d1: popq %rsi ; popq %r15 ; ret  ;  (1 found)
 ...
	[howard@sterling bof]$ gcc -o med64 -fno-stack-protector med.c
	[howard@sterling bof]$ ../rp/rp-lin-x64 -f ./med64 --atsyntax -r 3
	Trying to open './med64'..
	Loading ELF information..
	FileFormat: Elf, Arch: x64
	Using the AT&T syntax..

	Wait a few seconds, rp++ is looking for gadgets..
	in PHDR
	0 found.

	in LOAD
	103 found.

	A total of 103 gadgets found.
	0x00400532: adcb %ah, 0x00(%rax) ; jmpq *%rax ; (1 found)
	0x00400580: adcb %ah, 0x00(%rax) ; jmpq *%rax ; (1 found)
	...
	0x004006ce: popq %r13 ; popq %r14 ; popq %r15 ; ret ; (1 found)
	0x004006d0: popq %r14 ; popq %r15 ; ret ; (1 found)
	0x004006d2: popq %r15 ; ret ; (1 found)
	0x004006cf: popq %rbp ; popq %r14 ; popq %r15 ; ret ; (1 found)
	0x00400540: popq %rbp ; ret ; (1 found)
	0x004006d3: popq %rdi ; ret ; (1 found)
	0x004006d1: popq %rsi ; popq %r15 ; ret ; (1 found)
	...