ROPSHELL 
ropshell> use 168a3a3445f42292bcf9ef11e3d96e13 (download)
name         : badcopy (i386/ELF)
base address : 0x1120
total gadgets: 295

ropshell> suggest
call
    > 0x0000118c : call eax
    > 0x000011dd : call edx
    > 0x0000128f : call [eax - 0x18]
load reg
    > 0x000016a7 : pop eax; ret
    > 0x000016a9 : pop ebx; ret
    > 0x000016ab : pop ecx; ret
    > 0x000016ad : pop edx; ret
    > 0x000016af : pop esi; ret
pop pop ret
    > 0x000016a7 : pop eax; ret
    > 0x000012cb : pop esi; pop ebp; lea esp, [ecx - 4]; ret
    > 0x000012ca : pop ebx; pop esi; pop ebp; lea esp, [ecx - 4]; ret
    > 0x000012c9 : pop ecx; pop ebx; pop esi; pop ebp; lea esp, [ecx - 4]; ret
sp lifting
    > 0x0000183b : add esp, 0x10; ret
    > 0x0000183b : add esp, 0x10; ret
    > 0x0000183f : add esp, 0x20; ret
    > 0x00001843 : add esp, 0x40; ret
    > 0x00001853 : sub esp, 0x10; ret
stack pivoting
    > 0x000016c5 : xchg eax, esp; ret
    > 0x000015dc : mov esp, eax; ret
    > 0x000015f4 : mov esp, ebx; ret
    > 0x0000160c : mov esp, ecx; ret
    > 0x00001624 : mov esp, edx; ret
syscall
    > 0x000015c2 : int 0x80; ret

© 2014 - 2019 - Powered by ROPEME | Contact