ropshell> use 499fb521a0f4d635f3c1db514920eadd (download)
name         : kernel32.dll (x86_64/RAW)
base address : 0x0
total gadgets: 2813
ropshell> suggest
call
    > 0x00032add : call rcx
    > 0x0002d9b5 : call rdi
    > 0x000b855c : call rbp
    > 0x0006eadd : call rsp
    > 0x00043827 : call [rax]
jmp
    > 0x0005ad0f : push rsp; ret
    > 0x00024cbf : jmp rax
    > 0x000b9234 : jmp rbx
    > 0x00000de7 : jmp rcx
    > 0x00047078 : jmp rsi
load mem
    > 0x00020860 : mov eax, [rcx + 0x10]; ret
    > 0x0000c0f8 : mov rcx, [rdx]; sub eax, ecx; ret
    > 0x0000c0f9 : mov ecx, [rdx]; sub eax, ecx; ret
    > 0x000771c2 : mov rax, [rdx + 0x18]; add rax, rcx; ret
    > 0x000771c3 : mov eax, [rdx + 0x18]; add rax, rcx; ret
load reg
    > 0x000099c2 : pop rax; ret
    > 0x00000798 : pop rbx; ret
    > 0x00024192 : pop rdx; ret
    > 0x000084ed : pop rsi; ret
    > 0x000005a4 : pop rdi; ret
pop pop ret
    > 0x00011857 : pop r12; ret
    > 0x0000c639 : pop r12; pop rbp; ret
    > 0x00006798 : pop r12; pop rdi; pop rbp; ret
    > 0x00069620 : pop r12; pop rdi; pop rbx; pop rbp; ret
    > 0x000033ac : pop r12; pop rdi; pop rsi; pop rbp; pop rbx; ret
sp lifting
    > 0x00025ee7 : add rsp, 0x118; ret
    > 0x00025ee7 : add rsp, 0x118; ret
    > 0x000065e5 : add rsp, 0x28; ret
    > 0x00006a44 : add rsp, 0x38; ret
    > 0x0000044d : add rsp, 0x48; ret
stack pivoting
    > 0x00020cea : xchg eax, esp; ret
    > 0x000127d3 : mov rsp, r11; pop r14; ret
    > 0x000127d4 : mov esp, ebx; pop r14; ret
    > 0x000550e2 : push rbx; add cl, [rax - 0x75]; pop rsp; and al, 8; ret
    > 0x00035eb3 : leave ; ret
syscall
    > 0x000257d4 : int 0x80; adc al, 0; add [rbp + 0x2e], dh; ret
write mem
    > 0x0006977c : add [rax + 0xf], ecx; ret
    > 0x0007ac86 : add [rax + 1], edi; ret
    > 0x000069e8 : adc [rcx + 0x20], eax; ret
    > 0x0006977b : add [r8 + 0xf], ecx; ret
    > 0x00066b51 : add [rdi], ecx; xchg eax, ebp; ret