Awesome

#Catfish ##Introduction Catfish is a tool used ease the process of finding ROP gadgets and creating payloads with them. It is still under development.

##Usage Right now, Catfish is somewhat limited. Here is a simple demo of the interactive version that will call MessageBoxA using code from SwDir.dll.

> load test_bins/swdir.dll
> static 0
> static 0x69218BA0
> static 0x69218C74
> static 0
> call MessageBoxA
> write messagebox.bin
>

messagebox.bin should now contain a basic payload for launching a MessageBox.

##Prerequisites All that is needed to run is Distorm (http://code.google.com/p/distorm/)

##Future Some things planned for the future:

• Make it actually work for more than just simple payloads
• Better support for static values on the stack
• 64-bit support
• Use of instruction decomposition
• Automagic ROP chain generation