ROPSHELL 
ropshell> use 03fc7d7c12945eef5f43a65cfd361637 (download)
name         : ex1.exe (i386/PE)
base address : 0x40401000
total gadgets: 1160

ropshell> suggest
call
    > 0x40401323 : call eax
    > 0x40401a27 : call ebx
    > 0x404013b3 : call ecx
    > 0x40401dc5 : call esi
    > 0x4040154f : call edi
jmp
    > 0x404025ad : jmp eax
    > 0x404073ec : jmp esi
    > 0x40401005 : jmp esp
    > 0x404042fe : jmp [eax]
    > 0x4040712a : jmp [ebx]
load mem
    > 0x40402252 : mov eax, [ebp + 8]; pop esi; pop ebp; ret
    > 0x4040edfa : mov ecx, [ebp + 8]; mov [eax], ecx; pop ebp; ret
    > 0x40405158 : mov edi, [ebp + 8]; push edi; call esi
load reg
    > 0x40402cd7 : pop ebx; ret
    > 0x4040124b : pop ecx; ret
    > 0x4040167f : pop esi; ret
    > 0x404075d3 : pop edi; ret
    > 0x40401081 : pop ebp; ret
pop pop ret
    > 0x40401081 : pop ebp; ret
    > 0x40402fd8 : pop eax; pop ebp; ret
    > 0x40401b28 : pop ebx; pop edi; pop esi; ret
    > 0x404073d0 : pop ebx; pop edi; pop esi; pop ebp; ret
    > 0x40405144 : pop ecx; pop edi; pop esi; pop ebx; pop ebp; ret
sp lifting
    > 0x40402fa6 : add esp, 0x14; ret
    > 0x40402fa6 : add esp, 0x14; ret
stack pivoting
    > 0x4040107f : mov esp, ebp; pop ebp; ret
    > 0x4040ae53 : xchg eax, esp; rcr [ebx - 0x75], -0x3f; pop ebp; ret
    > 0x4040184e : leave ; ret
write mem
    > 0x40403a7b : add [ebx], edi; ret
    > 0x40402cc5 : add [ebp + 3], esi; push eax; call ebx
    > 0x40409494 : add [ecx + 0x38], eax; adc [ebp - 0x13], esi; pop esi; pop ebx; ret
    > 0x4040b119 : add [eax], edx; add [eax], al; push eax; push edi; call ebx
    > 0x4040b638 : add [ebx], ebp; sal [eax + edx + 0x33], -0x37; test eax, eax; setg cl; lea ecx, [ecx + ecx - 1]; mov eax, ecx; ret

© 2014 - 2019 - Powered by ROPEME | Contact