ROPSHELL 
ropshell> use 01a37d23c937e9d97aa20c3c9968b21d (download)
name         : babyfmt_level11.0 (x86_64/ELF)
base address : 0x11a0
total gadgets: 49

ropshell> suggest
call
    > 0x000018ca : call [rdi + rbx*8]
    > 0x000018c9 : call [r15 + rbx*8]
    > 0x0000147f : call [rax - 0x179a72b8]; pop rbx; pop r12; pop r13; pop rbp; ret
jmp
    > 0x000011ef : jmp rax
load reg
    > 0x000018e3 : pop rdi; ret
    > 0x00001273 : pop rbp; ret
    > 0x000018e2 : pop r15; ret
    > 0x000018e1 : pop rsi; pop r15; ret
    > 0x00001488 : pop r13; pop rbp; ret
pop pop ret
    > 0x000018e2 : pop r15; ret
    > 0x00001488 : pop r13; pop rbp; ret
    > 0x00001486 : pop r12; pop r13; pop rbp; ret
    > 0x000018dc : pop r12; pop r13; pop r14; pop r15; ret
    > 0x000018db : pop rbp; pop r12; pop r13; pop r14; pop r15; ret
stack pivoting
    > 0x00001481 : lea rsp, [rbp - 0x18]; pop rbx; pop r12; pop r13; pop rbp; ret
    > 0x00001482 : lea esp, [rbp - 0x18]; pop rbx; pop r12; pop r13; pop rbp; ret
    > 0x00001879 : leave ; ret

© 2014 - 2019 - Powered by ROPEME | Contact