ROPSHELL 
ropshell> use 147134e164e0d8e0d405a4bc5f1fa8af (download)
name         : SERVER.exe (i386/PE)
base address : 0x10471000
total gadgets: 4587

ropshell> suggest "write mem"
> 0x1049a079 : add [ecx], eax; pop ebp; ret 0x10
> 0x104bbf5d : adc [edx], ebp; pop ebp; ret
> 0x1049ba74 : add [ebx + 0x3b6602c1], eax; ret
> 0x1048b02a : add [ebx + 0x5d5b5fc7], ecx; ret 4
> 0x104a16bc : adc [edx + 0x11894202], ecx; ret
> 0x104849c4 : add [esi + 0x5b], ebx; ret
> 0x1049fc93 : adc [edi + 0x10], eax; ret
> 0x10492faf : add [edi + 0x5e], ebx; ret
> 0x10486772 : add [eax + 0x4518901], esi; pop ebp; ret 4
> 0x104c160b : add [ebp + 2], esi; pop ebp; ret
> 0x104bc0a9 : add [ecx + 0x75ff5052], ebx; or al, ch; ret
> 0x1049a125 : add [eax], esi; pop esi; pop edi; pop ebx; pop ebp; ret 0x10
> 0x104bb38e : add [ebx], esi; rol [ebx + 0x10870cc0], cl; ret
> 0x104a6fe0 : add [ebx + 2], esi; mov al, 1; pop ebp; ret
> 0x104a66b4 : adc [esi + 0x2683fffc], ebp; add [ecx + 0x5e], bl; ret
> 0x1049f9f4 : add [eax], ebx; std ; call [esi - 0x18]
> 0x104b8c10 : add [ebx], edi; fnstenv [edi - 0x5d]; pop edi; pop esi; pop ebx; pop ebp; ret
> 0x104a16c6 : adc [edi], ecx; mov bh, 2; add edx, 2; mov [ecx], edx; ret
> 0x1047cc23 : add [ebp + 0x6ce8d84d], ecx; push -1; call [edi - 0x73]
> 0x1047a47e : add [esi + 3], edi; mov [ecx + 4], al; mov eax, ecx; pop ebp; ret 4
> 0x104acba8 : add [eax + 1], ebp; add [eax], eax; add al, ch; bound esp, [esi - 4]; call [ebx - 0x77]

© 2014 - 2019 - Powered by ROPEME | Contact