ROPSHELL 
ropshell> use 1750752e88087e169b97ae8e4052abb5 (download)
name         : EScript_180020038.api (i386/PE)
base address : 0x23801000
total gadgets: 21964

ropshell> suggest "stack pivoting"
> 0x2380ad70 : xchg eax, esp; ret
> 0x2380230b : mov esp, ebp; pop ebp; ret
> 0x238d06e0 : lea esp, [ebx]; ret
> 0x238c6cc8 : push eax; pop esp; pop ecx; movzx eax, ax; ret
> 0x2395ad42 : xchg esp, ebp; lcall [edi + 0x5e]; pop ebx; ret
> 0x2389379d : mov esp, edi; call [eax - 1]
> 0x238c4cb8 : lea esp, [edi - 9]; jmp [esi - 0x75]
> 0x238256eb : lea esp, [eax - 0x39000002]; test [esi + edi*8 - 0x17fe0001], esp; ret
> 0x2381c56e : mov esp, edx; adc al, [eax]; xor al, al; pop edi; pop esi; pop ebp; ret 4
> 0x23901421 : lea esp, [esi + esi*8 - 1]; call [ecx - 0x77]
> 0x2389522f : lea esp, [ebp + edi*8 - 1]; call [ecx + 0x50]
> 0x238c6a2d : push esi; pop esp; pop ecx; pop ecx; push eax; call [edi + 0x34]
> 0x23830494 : mov esp, eax; add [eax], al; add [ebp + 0x500a74c9], al; push [ebp + 8]; call ecx
> 0x239838aa : leave ; ret

© 2014 - 2019 - Powered by ROPEME | Contact