ropshell> use 27ce6f833b2b51816654871de92b20e5 (download)
name         : loader (i386/ELF)
base address : 0x172c0
total gadgets: 5450

ropshell> suggest
call
    > 0x0005ebc6 : call [ebp - 0x18]; ret
    > 0x0001908f : call eax
    > 0x0002d31a : call ebx
    > 0x0001b8c6 : call ecx
    > 0x000190dd : call edx
jmp
    > 0x0001ee07 : push esp; ret
    > 0x000193d9 : jmp eax
    > 0x00023b5f : jmp ebx
    > 0x0001ccec : jmp ecx
    > 0x0001cbdf : jmp edx
load mem
    > 0x000bcbc0 : mov ecx, [edi]; ret
    > 0x000ad450 : mov esi, [ebx]; ret
    > 0x00023790 : mov eax, [edx + 0x30]; ret
    > 0x000d9ba7 : mov eax, [ecx]; pop ebx; pop esi; ret
    > 0x00026024 : mov edx, [eax + 0xc]; mov eax, [eax + 8]; ret
load reg
    > 0x00089ca4 : pop eax; ret
    > 0x00017362 : pop ebx; ret
    > 0x0006d8d3 : pop ecx; ret 6
    > 0x0001899f : pop esi; ret
    > 0x00018c49 : pop edi; ret
pop pop ret
    > 0x00089ca4 : pop eax; ret
    > 0x0001b1a5 : pop ebx; pop ebp; ret
    > 0x00018c47 : pop ebx; pop esi; pop edi; ret
    > 0x00024e35 : pop eax; pop ebx; pop esi; pop edi; ret
    > 0x000bd903 : pop esp; pop ebx; pop esi; pop edi; pop ebp; ret
sp lifting
    > 0x00024f96 : add esp, 0x1c; ret
    > 0x00024f96 : add esp, 0x1c; ret
stack pivoting
    > 0x000db093 : xchg eax, esp; ret
    > 0x00018e83 : lea esp, [ecx - 4]; ret
    > 0x0002afe2 : mov esp, eax; shr bh, 1; call ecx
    > 0x0001e55a : push eax; pop esp; mov esi, eax; mov eax, [ebp]; mov [esp], ebp; call [eax + 0x4c]
    > 0x0001cc96 : push ecx; pop esp; mov esi, eax; mov eax, [edi + 4]; mov ecx, [eax]; mov [esp], eax; call [ecx + 0x3c]
write mem
    > 0x00025f9e : add [eax + 0x5e5b0443], ecx; ret
    > 0x000d0abe : adc [ebx + 0x5e5b1cc4], eax; pop edi; pop ebp; ret
    > 0x000808eb : add [eax], ecx; add [ebp - 0x3f6bf02e], al; pop ebx; ret
    > 0x00054f02 : add [esi + 0x6b], edx; jmp [eax + ebp*8]
    > 0x0001faeb : add [eax], edx; add [eax], al; bextr eax, ecx, eax; ret