ropshell> use 303a41f81263068d7a170160e58466cb (download)
name         : genid.dll (i386/PE)
base address : 0x65701000
total gadgets: 846

ropshell> suggest
call
    > 0x6570194d : call eax
    > 0x657017fc : call ebx
    > 0x65701f8e : call ecx
    > 0x657029ea : call esi
    > 0x65701714 : call edi
jmp
    > 0x65703ac3 : jmp esp
    > 0x65701403 : jmp [edx + 0x34]
    > 0x65703983 : jmp [edi + esi]
load mem
    > 0x65702865 : mov eax, [ecx + 8]; ret
    > 0x65701d9f : mov ecx, [eax]; push eax; call [ecx + 8]; ret
    > 0x65701902 : mov eax, [ebp + 8]; pop esi; pop ebx; pop ebp; ret 0x10
    > 0x65702708 : mov eax, [ecx]; call [eax + 0x10]
    > 0x6570242e : mov eax, [ebx]; push ebx; call [eax + 0x4c]
load reg
    > 0x6570360f : pop eax; ret 0xc
    > 0x6570346a : pop ecx; ret
    > 0x65701907 : pop ebp; ret 0x10
    > 0x65701906 : pop ebx; pop ebp; ret 0x10
    > 0x65702f50 : pop esi; pop ebp; ret 0x10
pop pop ret
    > 0x6570346a : pop ecx; ret
    > 0x657016d7 : pop eax; pop ebp; ret 0xc
    > 0x65701e04 : pop edi; pop esi; pop ebp; ret 0xc
    > 0x65702949 : pop eax; pop edi; pop esi; pop ebp; ret 8
stack pivoting
    > 0x657032f0 : xchg eax, esp; push eax; call edi
    > 0x657034d6 : mov esp, ecx; mov ecx, [eax]; mov eax, [eax + 4]; push eax; ret
    > 0x657020bf : leave ; ret
write mem
    > 0x65702200 : adc [ebx], edi; ret
    > 0x657016d6 : add [eax + 0x5d], ebx; ret 0xc
    > 0x65703093 : adc [eax + 0x65], esi; call edi
    > 0x657015bb : adc [eax + 0x51], edx; call [edx + 0xc]
    > 0x6570251a : add [ebx + 0x50], edx; call [ecx + 0x28]