-
Notifications
You must be signed in to change notification settings - Fork 43
TODO
The project is currently in the alpha stage and it has room for many improvements. Critical points to investigate:
-
Unicorn bugs affecting the
ropemuexecution like this issue and this one -
The framework has been tested only against the Chuck ROP rootkit. It would be desirable to have another example complex enough to show all the ROPMEMU features.
-
Improve and test the x86 support. For the moment, ROPMEMU has been tested only in x86_64 mode.
-
Integrate shadow stack information in
unchain -
Automate the entire process. At the moment it is quite fragmented and it requires many scripts.
-
Improve the serialization of the JSON traces. Switch to protocol buffers?
Other improvements:
-
Support a real assembler library like Keystone (once it is public) and remove the current implementation based on
nasm. -
Adopt an Intermediate Language (IL) to easily apply the compiler transformations. Test again BIL/LLVM bitcode or try VEX and angr.
ROPMEMU Framework