ropshell> use 207bced406cb1783c3d93c52f6c4ee38
name         : entree.exe (i386/PE)
base address : 0x401000
total gadgets: 884
ropshell> suggest
call
    > 0x004019aa : call eax
    > 0x00406812 : call ebx
    > 0x00401b66 : call ecx
    > 0x00404b49 : call edx
    > 0x00401bd2 : call esi
jmp
    > 0x00402502 : jmp eax
    > 0x00408730 : jmp esi
    > 0x004045b7 : jmp [eax]
    > 0x00403714 : jmp [ebx]
    > 0x00406cff : jmp [ecx]
load mem
    > 0x004047ec : mov eax, [ebp + 0x10]; inc [eax]; pop ebp; ret
    > 0x004025cf : mov eax, [ecx + 4]; mov [esi + 4], eax; mov eax, esi; pop esi; pop ebp; ret 4
load reg
    > 0x0040869e : pop ebx; ret
    > 0x004012e0 : pop ecx; ret
    > 0x00401296 : pop esi; ret
    > 0x00407739 : pop edi; ret
    > 0x0040116d : pop ebp; ret
pop pop ret
    > 0x0040116d : pop ebp; ret
    > 0x0040195f : pop eax; pop ebp; ret
    > 0x00408470 : pop eax; pop esi; pop edi; ret
    > 0x00404892 : pop ebx; pop edi; pop esi; pop ebp; ret
    > 0x00407b2a : pop ecx; pop edi; pop esi; pop ebx; pop ebp; ret
sp lifting
    > 0x00402525 : add esp, 0x14; ret
    > 0x00402525 : add esp, 0x14; ret
stack pivoting
    > 0x0040116b : mov esp, ebp; pop ebp; ret
    > 0x0040593d : xchg eax, esp; inc [eax]; push edi; call esi
    > 0x0040d1fb : leave ; ret
write mem
    > 0x0040a123 : add [esi + 0x5d], ebx; ret
    > 0x004081d5 : add [ebx + 0x5e0c2444], ecx; pop edi; ret
    > 0x004081e9 : add [edx + 0x47880246], ecx; add cl, [ebx + 0x5e0c2444]; pop edi; ret