ropshell> use 38ff29a8b6803670e2dcdfffaaf9ef5d (download)
name         : libc-2.30.so (x86_64/ELF)
base address : 0x25670
total gadgets: 15319
ropshell> suggest "stack pivoting"
> 0x0005e5b0 : mov rsp, rdx; ret
> 0x000335ea : xchg eax, esp; ret
> 0x0005e5b1 : mov esp, edx; ret
> 0x000912f4 : mov esp, eax; mov rax, r12; pop r12; ret
> 0x000e4266 : lea rsp, [rbp - 0x10]; pop r12; pop r13; pop rbp; ret
> 0x000e4267 : lea esp, [rbp - 0x10]; pop r12; pop r13; pop rbp; ret
> 0x00046197 : mov rsp, r8; mov rbp, r9; nop ; jmp rdx
> 0x00091301 : mov esp, ebp; pop rbx; pop rbp; mov rax, r12; pop r12; ret
> 0x00076dd0 : movsxd rsp, esp; mov rdx, r12; call [r13 + 0x38]
> 0x0011abdf : lea rsp, [ebp - 0x18]; mov eax, r12d; pop rbx; pop r12; pop r13; pop rbp; ret
> 0x00078d93 : lea esp, [rax]; idiv edi; dec [rax - 0x7d]; clc ; dec [rax - 0x77]; ret
> 0x0014c425 : mov esp, esp; lea rsi, [rsp + 8]; call [rax]
> 0x00047b15 : lea esp, [rcx + rax]; mov r13, rax; mov rdi, r12; call rbx
> 0x00049ca9 : lea esp, [rbx + rax*8 + 8]; nop [rax]; call [rbx]
> 0x00149491 : push rdi; pop rsp; lea rsi, [rdi + 0x48]; mov rdi, r8; mov rax, [rax + 0x18]; jmp rax
> 0x0005a9a8 : leave ; ret