ROPSHELL 
ropshell> use 3821bd26a6940981694e4a261e659323 (download)
name         : kernel32.dll (i386/PE)
base address : 0x6b810000
total gadgets: 3925

ropshell> suggest "stack pivoting"
> 0x6b819542 : xchg eax, esp; ret
> 0x6b81f760 : mov esp, ebx; pop ebx; ret 4
> 0x6b81003e : mov esp, ebp; pop ebp; ret
> 0x6b856c06 : push edx; pop esp; sub edx, [ecx + 4]; mov eax, edx; ret
> 0x6b83777b : lea esp, [ebp + edi*8 - 1]; jmp [esi - 0x77]
> 0x6b82839d : lea esp, [edx + esi*8 - 1]; lcall [ecx - 0x6a743dd5]; sal cl, 0xff; call ecx
> 0x6b839327 : lea esp, [edi + edi*8 - 1]; dec [ebx + 0x8886]; add [ecx - 0x837b], cl; jmp [esi - 0x77]
> 0x6b823783 : lea esp, [esp]; lea ebx, [ebx]; mov ecx, [esp + 4]; mov eax, [esp + 8];  xadd [ecx], eax; ret 8
> 0x6b833469 : leave ; inc ecx; mov eax, ecx; ret

© 2014 - 2019 - Powered by ROPEME | Contact