ROPSHELL 
ropshell> use 3891413139eaabfefe9b0ca49b5cd395 (download)
name         : msvcrt.dll (i386/PE)
base address : 0x77be1000
total gadgets: 3854

ropshell> suggest
call
    > 0x77be6085 : call eax
    > 0x77be9525 : call ebx
    > 0x77bf2538 : call ecx
    > 0x77be9515 : call esi
    > 0x77be61d5 : call edi
jmp
    > 0x77c21025 : push esp; ret
    > 0x77be68cd : jmp eax
    > 0x77be1f13 : jmp ebx
    > 0x77be1493 : jmp ecx
    > 0x77be94c5 : jmp edx
load mem
    > 0x77bf3925 : mov eax, [ecx + 0xc]; ret
    > 0x77c20c64 : mov eax, [edx + 4]; ret
    > 0x77beee80 : mov eax, [ebx]; add cl, cl; ret
    > 0x77c032d8 : mov eax, [esi + 0x64]; pop esi; ret
    > 0x77bec30f : mov eax, [ebp + 0x10]; pop ebp; ret
load reg
    > 0x77bf1d16 : pop eax; ret
    > 0x77bf362c : pop ebx; ret
    > 0x77bef519 : pop ecx; ret
    > 0x77c1cb29 : pop edx; ret
    > 0x77bf1891 : pop esi; ret
pop pop ret
    > 0x77bf1d16 : pop eax; ret
    > 0x77bee843 : pop eax; pop ebp; ret
    > 0x77c181d9 : pop ebx; pop edi; pop ebp; ret
    > 0x77c01932 : pop ebx; pop edi; pop esi; pop ebp; ret
    > 0x77c23f36 : pop eax; pop edi; pop esi; pop ebx; pop ebp; ret
sp lifting
    > 0x77c215ef : add esp, 0x10; ret
    > 0x77c215ef : add esp, 0x10; ret
    > 0x77c1d7f6 : add esp, 0x2c; ret
stack pivoting
    > 0x77be5ed5 : xchg eax, esp; ret
    > 0x77c1fa1a : mov esp, ebx; pop ebx; ret
    > 0x77bf282e : mov esp, ebp; pop ebp; ret
    > 0x77c1f4b8 : lea esp, [eax + 6]; ret
    > 0x77bef117 : lea esp, [ebp - 8]; pop edi; pop esi; pop ebp; ret 0xc
write mem
    > 0x77c0a77e : add [ebx], eax; ret
    > 0x77c23bc1 : add [eax + 0x5d], ebx; ret
    > 0x77c0231b : add [eax + 0x3a414606], ecx; ret
    > 0x77bec048 : add [ebx + 0x5d5e5fc6], ecx; ret
    > 0x77bfa15d : add [esi + 0x5d], ebx; ret

© 2014 - 2019 - Powered by ROPEME | Contact