ropshell> use 0d8349b94bfb02ba6e57abdfe8be0aed (download)
name         : ch34 (x86_64/ELF)
base address : 0x400360
total gadgets: 8157
ropshell> suggest
call
    > 0x00401011 : call rax
    > 0x004027b9 : call rbx
    > 0x0040520b : call rcx
    > 0x0041096a : call rdx
    > 0x0043a8ff : call rsi
jmp
    > 0x00412974 : push rsp; ret
    > 0x00400fa7 : jmp rax
    > 0x0046a25f : jmp rbx
    > 0x004243f4 : jmp rcx
    > 0x00400fe7 : jmp rdx
load mem
    > 0x00467a5b : mov eax, [rdx]; ret
    > 0x004588e2 : mov eax, [rsi]; pop rbx; ret
    > 0x0040ec20 : mov rax, [rdi + 0x68]; ret
    > 0x0040ec21 : mov eax, [rdi + 0x68]; ret
    > 0x0049001b : mov rax, [rdx]; add rsp, 8; ret
load reg
    > 0x0044d2b4 : pop rax; ret
    > 0x004084c2 : pop rbx; ret
    > 0x00437205 : pop rdx; ret
    > 0x004017e7 : pop rsi; ret
    > 0x004016d3 : pop rdi; ret
pop pop ret
    > 0x00437204 : pop r10; ret
    > 0x00401a2d : pop r12; pop r13; ret
    > 0x004017e2 : pop r12; pop r13; pop r14; ret
    > 0x004016cc : pop r12; pop r13; pop r14; pop r15; ret
    > 0x00400656 : pop r12; pop r13; pop r14; pop r15; pop rbp; ret
sp lifting
    > 0x00416270 : add rsp, 0x18; ret
    > 0x00416270 : add rsp, 0x18; ret
    > 0x0045ef5a : add rsp, 0x28; ret
    > 0x0046a6b2 : add rsp, 0x30; ret
    > 0x0046b3f5 : add rsp, 0x48; ret
stack pivoting
    > 0x0048f800 : mov rsp, rcx; ret
    > 0x00412bc3 : xchg eax, esp; ret
    > 0x0048f801 : mov esp, ecx; ret
    > 0x0046bb28 : mov rsp, r8; mov rbp, r9; jmp rdx
    > 0x0045f3ff : lea rsp, [rbp - 0x10]; pop rbx; pop r12; pop rbp; ret
syscall
    > 0x0045b525 : syscall ; ret
write mem
    > 0x00478b2d : add [rcx], edi; ret
    > 0x0041b05b : adc [rax + 0x39], ecx; ret
    > 0x00432ed3 : add [rbp + 0x39], ecx; ret
    > 0x0044ee01 : add [rcx], ebx; jmp [rsi - 0x3f]
    > 0x0042aee2 : add [rbx + 0x157890e], ecx; mov [rdi], ecx; ret