ROPSHELL 
ropshell> use 40f241ba0b3f4812c3ddab15e1e70138 (download)
name         : ntdll.dll (i386/PE)
base address : 0x6b281000
total gadgets: 9198

ropshell> suggest "load reg"
> 0x6b3604a7 : pop eax; ret
> 0x6b281911 : pop ebx; ret
> 0x6b285671 : pop ecx; ret
> 0x6b2a764c : pop edx; ret
> 0x6b28194e : pop esi; ret
> 0x6b2900cc : pop edi; ret
> 0x6b282194 : pop ebp; ret
> 0x6b33878b : popal ; ret
> 0x6b35f1af : pop esp; idiv edi; ret
> 0x6b2a899b : mov eax, [esp + 4]; ret
> 0x6b2a8bfe : mov ecx, [esp + 4]; sub eax, ecx; ret
> 0x6b2ab2c2 : mov edx, [esp + 0x1c];  cmpxchg8b [ebp]; pop ebp; pop ebx; ret 0x14
> 0x6b2ab411 : mov edi, [esp + 8]; mov ecx, [esp + 0xc]; mov eax, [esp + 0x10]; shr ecx, 2; rep stosd es:[edi], eax; pop edi; ret 0xc

© 2014 - 2019 - Powered by ROPEME | Contact