ROPSHELL 
ropshell> use 48ef5953e661b3f349551da0614ce525 (download)
name         : kernel32.dll (x86_64/PE)
base address : 0x180001000
total gadgets: 2583

ropshell> suggest "load reg"
> 0x18000b862 : pop rax; ret
> 0x180001243 : pop rbx; ret
> 0x180007f77 : pop rsi; ret
> 0x1800010c9 : pop rdi; ret
> 0x1800011eb : pop rbp; ret
> 0x180007a3b : pop rsp; ret
> 0x180007a3a : pop r12; ret
> 0x1800072e7 : pop r13; ret
> 0x180007f76 : pop r14; ret
> 0x180013e37 : pop r15; ret
> 0x18000c8e7 : mov rbx, [rsp + 8]; ret
> 0x1800772d0 : mov rdi, [rsp + 0x10]; ret
> 0x18000c8e8 : mov ebx, [rsp + 8]; ret
> 0x1800772d1 : mov edi, [rsp + 0x10]; ret
> 0x18006790a : mov rax, [rsp + 0x30]; add rsp, 0x88; ret
> 0x18004eaae : mov eax, [rsp + 0x2c]; add rsp, 0x58; ret
> 0x1800307ce : pop rdx; or esi, edi; jmp [rsi - 0x39]
> 0x18000c460 : mov rsi, [rsp + 0x10]; mov rdi, [rsp + 0x18]; ret
> 0x18000c461 : mov esi, [rsp + 0x10]; mov rdi, [rsp + 0x18]; ret
> 0x18002b5fa : pop rcx; sahf ; std ; inc [rbp + 0x428d41d2]; inc [rcx + 0xf]; ret
> 0x18000cb9d : movzx edx, [rsp + 0x68]; mov [rcx], edx; add rsp, 0x48; ret
> 0x1800022ac : mov ecx, [rsp + rdx*4 + 0x2bf0]; add rcx, r12; jmp rcx
> 0x18005cde3 : mov rcx, [rsp + 0x30]; call [rip + 0x24b19]; nop [rax + rax]; add rsp, 0x28; ret
> 0x18004d61c : mov rbp, [rsp + 0x10]; mov rsi, [rsp + 0x18]; mov rdi, [rsp + 0x20]; ret
> 0x18004d61d : mov ebp, [rsp + 0x10]; mov rsi, [rsp + 0x18]; mov rdi, [rsp + 0x20]; ret

© 2014 - 2019 - Powered by ROPEME | Contact