ROPSHELL 
ropshell> use 38564bae2f07e6a584b435a969d9ddef (download)
name         : byenance (x86_64/ELF)
base address : 0x4011a0
total gadgets: 7585

ropshell> suggest "stack pivoting"
> 0x004025df : xchg eax, esp; ret
> 0x00492619 : mov rsp, rcx; pop rcx; jmp rcx
> 0x0049261a : mov esp, ecx; pop rcx; jmp rcx
> 0x00465fdb : mov rsp, r8; mov rbp, r9; nop ; jmp rdx
> 0x0047dbd0 : lea rsp, [rbp - 0x18]; pop rbx; pop r12; pop r13; pop rbp; ret
> 0x00465fdc : mov esp, eax; mov rbp, r9; nop ; jmp rdx
> 0x0047dbd1 : lea esp, [rbp - 0x18]; pop rbx; pop r12; pop r13; pop rbp; ret
> 0x0040c7d1 : movsxd rsp, esp; mov rdx, r12; call [r13 + 0x38]
> 0x00466374 : lea esp, [rcx + rax]; mov r13, rax; mov rdi, r12; call rbx
> 0x00401ace : leave ; ret

© 2014 - 2019 - Powered by ROPEME | Contact