ropshell> use 48ef5953e661b3f349551da0614ce525 (download)
name         : kernel32.dll (x86_64/PE)
base address : 0x180001000
total gadgets: 2583

ropshell> suggest
call
    > 0x180033e89 : call rcx
    > 0x180042ba5 : call [rax]
    > 0x180004758 : call [rbx]
    > 0x1800489ad : call [rcx]
    > 0x180010627 : call [rsi]
jmp
    > 0x180023c7f : jmp rax
    > 0x1800022b6 : jmp rcx
    > 0x180002f68 : jmp rdi
    > 0x1800770a0 : jmp [rax]
    > 0x18003ce65 : jmp [rbx]
load mem
    > 0x180020370 : mov eax, [rcx + 0x10]; ret
    > 0x180010ccb : mov rcx, [rdx]; sub eax, ecx; ret
    > 0x180010ccc : mov ecx, [rdx]; sub eax, ecx; ret
    > 0x1800776a2 : mov rax, [rdx + 0x18]; add rax, rcx; ret
    > 0x1800776a3 : mov eax, [rdx + 0x18]; add rax, rcx; ret
load reg
    > 0x18000b862 : pop rax; ret
    > 0x180001243 : pop rbx; ret
    > 0x180007f77 : pop rsi; ret
    > 0x1800010c9 : pop rdi; ret
    > 0x1800011eb : pop rbp; ret
pop pop ret
    > 0x180007a3a : pop r12; ret
    > 0x180009dbe : pop r12; pop rbp; ret
    > 0x1800011e8 : pop r12; pop rdi; pop rbp; ret
    > 0x180069150 : pop r12; pop rdi; pop rbx; pop rbp; ret
    > 0x180001415 : pop r12; pop rdi; pop rsi; pop rbp; pop rbx; ret
sp lifting
    > 0x180024877 : add rsp, 0x118; ret
    > 0x180024877 : add rsp, 0x118; ret
    > 0x180006245 : add rsp, 0x28; ret
    > 0x18000103f : add rsp, 0x38; ret
    > 0x18000cba4 : add rsp, 0x48; ret
stack pivoting
    > 0x18003655f : xchg eax, esp; ret
    > 0x180007f73 : mov rsp, r11; pop r14; ret
    > 0x180007f74 : mov esp, ebx; pop r14; ret
    > 0x180053d76 : push rbx; add cl, [rax - 0x75]; pop rsp; and al, 8; ret
    > 0x1800077c2 : xchg ebp, esp; push rsp; add al, [rax]; mov eax, 1; ret
syscall
    > 0x180024174 : int 0x80; adc al, 0; add [rbp + 0x2e], dh; ret
write mem
    > 0x180069190 : add [rax + 0xf], ecx; ret
    > 0x18007b1d6 : add [rax + 1], edi; ret
    > 0x180006618 : adc [rcx + 0x20], eax; ret
    > 0x18006918f : add [r8 + 0xf], ecx; ret
    > 0x1800665f1 : add [rdi], ecx; xchg eax, ebp; ret