ropshell> use 177a44386ccd40737ea5379c099d8b5b
name         : kernel32.dll (x86_64/PE)
base address : 0x180001000
total gadgets: 2595
ropshell> suggest
call
    > 0x18006e87d : call rax
    > 0x180034c5d : call rcx
    > 0x1800433c5 : call [rax]
    > 0x1800044d1 : call [rbx]
    > 0x18007473b : call [rcx]
jmp
    > 0x180024a2f : jmp rax
    > 0x180001f90 : jmp rcx
    > 0x180002c14 : jmp rdi
    > 0x180011015 : jmp [rax]
    > 0x18003d6cd : jmp [rbx]
load mem
    > 0x180021330 : mov eax, [rcx + 0x10]; ret
    > 0x18000f3fb : mov rcx, [rdx]; sub eax, ecx; ret
    > 0x18000f3fc : mov ecx, [rdx]; sub eax, ecx; ret
    > 0x1800774a6 : mov rax, [rdx + 0x18]; add rax, rcx; ret
    > 0x1800774a7 : mov eax, [rdx + 0x18]; add rax, rcx; ret
load reg
    > 0x18000a81e : pop rax; ret
    > 0x180001900 : pop rbx; ret
    > 0x180023ec2 : pop rdx; ret 5
    > 0x180006907 : pop rsi; ret
    > 0x18000126f : pop rdi; ret
pop pop ret
    > 0x1800063aa : pop r12; ret
    > 0x180008aee : pop r12; pop rbp; ret
    > 0x180007838 : pop r12; pop rdi; pop rbp; ret
    > 0x180069a00 : pop r12; pop rdi; pop rbx; pop rbp; ret
    > 0x180004138 : pop r12; pop rdi; pop rsi; pop rbp; pop rbx; ret
sp lifting
    > 0x180025e47 : add rsp, 0x118; ret
    > 0x180025e47 : add rsp, 0x118; ret
    > 0x180006194 : add rsp, 0x28; ret
    > 0x180005ebf : add rsp, 0x38; ret
    > 0x180008251 : add rsp, 0x48; ret
stack pivoting
    > 0x18003724f : xchg eax, esp; ret
    > 0x180006903 : mov rsp, r11; pop r14; ret
    > 0x180006904 : mov esp, ebx; pop r14; ret
    > 0x18005505e : push rbx; add cl, [rax - 0x75]; pop rsp; and al, 8; ret
    > 0x180015fd5 : xchg esp, edx; add [rax], al; add rsp, 0x38; ret
syscall
    > 0x180025744 : int 0x80; adc al, 0; add [rbp + 0x2e], dh; ret
write mem
    > 0x180069b5c : add [rax + 0xf], ecx; ret
    > 0x18007afd6 : add [rax + 1], edi; ret
    > 0x180007a88 : adc [rcx + 0x20], eax; ret
    > 0x180069b5b : add [r8 + 0xf], ecx; ret
    > 0x180020418 : add [rax], r8; mov eax, 1; ret