ROPSHELL 
ropshell> use 183bebf0d0007b34a4c8d9ecaebcb94f (download)
name         : kernel32.dll (x86_64/PE)
base address : 0x180001000
total gadgets: 2711

ropshell> suggest
call
    > 0x18001e066 : call rax
    > 0x18003165f : call rcx
    > 0x1800087b8 : call rdx
    > 0x18001e065 : call r8
    > 0x18003f3d4 : call [rax]
jmp
    > 0x1800236e0 : jmp rax
    > 0x180011096 : jmp rcx
    > 0x18001b8a1 : jmp rdx
    > 0x180011f95 : jmp rdi
    > 0x18000bbdb : jmp [rax]
load mem
    > 0x18001fdd0 : mov eax, [rcx + 0x10]; ret
    > 0x1800083ac : mov rcx, [rdx]; sub eax, ecx; ret
    > 0x1800083ad : mov ecx, [rdx]; sub eax, ecx; ret
    > 0x1800700c2 : mov rax, [rdx + 0x18]; add rax, rcx; ret
    > 0x1800700c3 : mov eax, [rdx + 0x18]; add rax, rcx; ret
load reg
    > 0x1800063b6 : pop rax; ret
    > 0x18000112a : pop rbx; ret
    > 0x180001661 : pop rsi; ret
    > 0x180001281 : pop rdi; ret
    > 0x18000120c : pop rbp; ret
pop pop ret
    > 0x18000198d : pop r12; ret
    > 0x18000930f : pop r12; pop rbp; ret
    > 0x18000b87e : pop r12; pop rdi; pop rbp; ret
    > 0x180012292 : pop r12; pop rdi; pop rbx; pop rbp; ret
    > 0x180001e13 : pop r12; pop rdi; pop rsi; pop rbp; pop rbx; ret
sp lifting
    > 0x180023d63 : add rsp, 0x118; ret
    > 0x180023d63 : add rsp, 0x118; ret
    > 0x180004ff1 : add rsp, 0x28; ret
    > 0x180003839 : add rsp, 0x38; ret
    > 0x180001047 : add rsp, 0x48; ret
stack pivoting
    > 0x18002008a : xchg eax, esp; ret
    > 0x180004133 : mov rsp, r11; pop r14; ret
    > 0x180004134 : mov esp, ebx; pop r14; ret
    > 0x1800500ca : push rbx; add cl, [rax - 0x75]; pop rsp; and al, 8; ret
    > 0x18001725a : leave ; ret
syscall
    > 0x180023674 : int 0x80; adc al, 0; add [rbp + 0x2e], dh; ret
write mem
    > 0x180062eca : add [rax + 0xf], ecx; ret
    > 0x180066e2c : adc [rax + 4], edi; ret
    > 0x18001aa6c : adc [rcx + 0x20], eax; ret
    > 0x180062ec9 : add [r8 + 0xf], ecx; ret
    > 0x180060599 : add [rdi], ecx; xchg eax, ebp; ret

© 2014 - 2019 - Powered by ROPEME | Contact