Dynamic memmove() locating

With ARM Exception Vector Info Leak it is possible to leak 4 bytes of memory. To get more data and more reliable, evasi0n attempts to dynamically locate the  function within the kernel module. This is done by leaking the first two pages of the kernel text section and following each branch instruction (leaking destination too) until the  signature is found.

With the address of, it is possible to return data to a buffer that can be read from user-mode and returning more memory this way.

TODO: Explain how evasi0n does this in detail.

See also Patchfinder.