ROPSHELL 
ropshell> use 4547677fe0407ffc12937106101df1aa (download)
name         : 7 (i386/ELF)
base address : 0x8049030
total gadgets: 4976

ropshell> suggest "load mem"
> 0x080b8184 : mov eax, [edx + 0x4c]; ret
> 0x080a334d : mov eax, [edx]; pop ebx; pop esi; ret
> 0x080a416f : mov edx, [eax]; mov eax, edx; ret
> 0x0805e970 : mov eax, [ecx]; mov [edx], eax; ret
> 0x080b6039 : mov eax, [ebx + 0x5e5b4cc4]; pop edi; pop ebp; ret
> 0x0805e9bd : mov eax, [ecx + 8]; sub eax, edx; ret
> 0x0805af2e : mov eax, [esi + 0x10]; pop esi; pop edi; jmp eax
> 0x0805bcc9 : mov eax, [edi + 0x10]; pop esi; pop edi; jmp eax
> 0x08095ae2 : mov ecx, [eax + 0x1fffe67]; fnstsw [esi]; jmp ebp
> 0x080a0d9d : mov eax, [ebx]; add eax, [ecx]; call eax
> 0x080a0c6b : mov eax, [esi]; add eax, [ebx]; call eax
> 0x080ac4b4 : mov edx, [ecx + 0x1c88]; add [edx + eax*2], 1; ret
> 0x0806fb60 : mov edi, [edx + ebx]; add [edx], al; add esp, 8; pop ebx; ret
> 0x080ac03c : mov edx, [ebx + 0xc]; mov [edx], eax; add esp, 4; pop ebx; pop esi; ret
> 0x080a0c68 : mov ebx, [ebp + 8]; mov eax, [esi]; add eax, [ebx]; call eax
> 0x080a4c23 : mov ecx, [ebx + 0x10]; mov eax, [ebx + 0x14]; call [ebx]
> 0x080a0d9a : mov ecx, [ebp + 8]; mov eax, [ebx]; add eax, [ecx]; call eax
> 0x08090788 : mov edx, [eax + ebx]; sub esp, 4; push ecx; push edi; push [ebp - 0x8a4]; call edx
> 0x08057d43 : mov edx, [esi + 0x58]; mov [edx + 0x90], eax; mov eax, edi; pop ebx; pop esi; pop edi; ret
> 0x080a6370 : mov ebp, [eax + 0xc]; nop ; mov eax, [esp + 8]; mov esp, ecx; jmp edx
> 0x08058121 : mov edx, [edi + 8]; mov [ebp - 0x44], eax; sub eax, edx; push eax; push edx; push edi; call [ebx + 0x38]
> 0x080a636d : mov edi, [eax + 8]; mov ebp, [eax + 0xc]; nop ; mov eax, [esp + 8]; mov esp, ecx; jmp edx
> 0x080a41da : mov ecx, [edx]; mov edx, [esp + 4]; mov [edx], ecx; mov edx, [eax]; mov eax, [esp + 8]; mov [eax], edx; ret
> 0x080a636a : mov esi, [eax + 4]; mov edi, [eax + 8]; mov ebp, [eax + 0xc]; nop ; mov eax, [esp + 8]; mov esp, ecx; jmp edx
> 0x080a4c1b : mov edi, [ebx + 4]; mov [ebx], eax; mov edx, [ebx + 0xc]; mov ecx, [ebx + 0x10]; mov eax, [ebx + 0x14]; call [ebx]
> 0x080a4c19 : mov esi, [ebx]; mov edi, [ebx + 4]; mov [ebx], eax; mov edx, [ebx + 0xc]; mov ecx, [ebx + 0x10]; mov eax, [ebx + 0x14]; call [ebx]

© 2014 - 2019 - Powered by ROPEME | Contact