ropshell> use 1a9b8d1c0241a3a7434f3cff1883e9f6 (download)
name : fvevol.sys (x86_64/PE)
base address : 0x1c0001000
total gadgets: 1719
ropshell> suggest
call
> 0x1c0013d58 : call rsi
> 0x1c0009efb : call [rax - 0x670e17]; jmp [rsi + 0x41]
jmp
> 0x1c0009120 : jmp rax
> 0x1c000915c : push rsp; add eax, edi; ret
> 0x1c0003867 : jmp [rax]
> 0x1c0008275 : jmp [rbx]
> 0x1c0009ea7 : jmp [rsi + 0x41]
load mem
> 0x1c000fd5d : mov rsi, [r11 + 0x18]; mov rsp, r11; pop rdi; ret
> 0x1c000fa77 : mov rdi, [r11 + 0x28]; mov rsp, r11; pop r14; ret
> 0x1c000fd5e : mov esi, [rbx + 0x18]; mov rsp, r11; pop rdi; ret
> 0x1c000fa78 : mov edi, [rbx + 0x28]; mov rsp, r11; pop r14; ret
> 0x1c0013231 : mov r12, [r11 + 0x38]; mov rsp, r11; pop r15; pop r14; pop rbp; ret
load reg
> 0x1c0007b52 : pop rax; ret
> 0x1c0001201 : pop rbx; ret
> 0x1c0001166 : pop rsi; ret
> 0x1c000125f : pop rdi; ret
> 0x1c00019bc : pop rbp; ret
pop pop ret
> 0x1c00010ac : pop r12; ret
> 0x1c00088fa : pop r12; pop rbp; ret
> 0x1c0007571 : pop r12; pop rdi; pop rbp; ret
> 0x1c00015b5 : pop r12; pop rdi; pop rbp; pop rbx; ret
> 0x1c0002a46 : pop r12; pop rdi; pop rsi; pop rbp; pop rbx; ret
sp lifting
> 0x1c00022ca : add rsp, 0x28; ret
> 0x1c00022ca : add rsp, 0x28; ret
> 0x1c0003727 : add rsp, 0x38; ret
> 0x1c0004e8d : add rsp, 0x48; ret
> 0x1c0007b4f : add rsp, 0x58; ret
stack pivoting
> 0x1c0007b7f : xchg eax, esp; ret
> 0x1c000fa7b : mov rsp, r11; pop r14; ret
> 0x1c000fa7c : mov esp, ebx; pop r14; ret
> 0x1c000c09c : leave ; add al, [rax]; add rsp, 0x58; ret
write mem
> 0x1c00092a3 : adc [rbx], ecx; movaps xmm[rcx - 0x10], xmm0; ret
> 0x1c000820d : add [rcx + 0xb], eax; fmul [rcx - 0x99fdba4]; ret
> 0x1c0009170 : adc [rcx], eax; movups xmm[rcx + r8 - 0x10], xmm1; ret
> 0x1c0009171 : add [rdx + 0xf], eax; adc [rcx + rax - 0x10], ecx; ret
> 0x1c0007357 : adc [rdx + 1], edi; call [rip + 0x31695]; add rsp, 0x28; ret