ROPSHELL 
ropshell> use 38564bae2f07e6a584b435a969d9ddef (download)
name         : byenance (x86_64/ELF)
base address : 0x4011a0
total gadgets: 7585

ropshell> suggest "load reg"
> 0x00452907 : pop rax; ret
> 0x00402635 : pop rbx; ret
> 0x0043eb43 : pop rcx; ret 5
> 0x0040a76e : pop rsi; ret
> 0x00402214 : pop rdi; ret
> 0x004017d1 : pop rbp; ret
> 0x00402bee : pop rsp; ret
> 0x00402bed : pop r12; ret
> 0x0040c824 : pop r13; ret
> 0x0040a76d : pop r14; ret
> 0x00402213 : pop r15; ret
> 0x00485e9b : pop rdx; pop rbx; ret
> 0x0048f8b5 : mov rax, [rsp]; add rsp, 0x38; ret
> 0x0048f8b6 : mov eax, [rsp]; add rsp, 0x38; ret
> 0x00423985 : pop r11; add al, [rax]; cmove rax, rdx; ret
> 0x00470f4d : mov rbx, [rsp + 0x30]; jmp rcx
> 0x00470f4e : mov ebx, [rsp + 0x30]; jmp rcx
> 0x00452dc6 : mov edi, [rsp]; call rbx
> 0x0044fd12 : mov rsi, [rsp + 0x18]; call rbx
> 0x00457d9e : mov rdi, [rsp + 0x18]; call rax
> 0x0044fd13 : mov esi, [rsp + 0x18]; call rbx
> 0x00457d3c : mov rcx, [rsp + 0x10]; mov rdi, [rsp + 0x18]; call rcx
> 0x00457d3d : mov ecx, [rsp + 0x10]; mov rdi, [rsp + 0x18]; call rcx
> 0x0041937e : pop r8; add [rax], al; add [rax], al; movups xmm[rbx + 0x48], xmm0; pop rbx; ret
> 0x0044fd0a : mov r9, [rsp + 0x10]; mov rdi, rbp; mov rsi, [rsp + 0x18]; call rbx
> 0x0040aa97 : mov rdx, [rsp + 8]; mov rax, [rsp]; mov rsi, r13; mov rdi, r12; call rax
> 0x0040aa98 : mov edx, [rsp + 8]; mov rax, [rsp]; mov rsi, r13; mov rdi, r12; call rax
> 0x0040a8ea : mov r12, [rsp + 0x18]; nop ; mov rax, [rsp]; mov rdx, r14; mov rsi, r13; mov rdi, r12; call rax
> 0x0040a8eb : mov esp, [rsp + 0x18]; nop ; mov rax, [rsp]; mov rdx, r14; mov rsi, r13; mov rdi, r12; call rax
> 0x004628f6 : mov r8, [rsp + 0x48]; mov rcx, [rsp + 0x18]; mov rsi, [rsp + 0x40]; mov rdi, [rsp + 0x38]; call r15

© 2014 - 2019 - Powered by ROPEME | Contact