ropshell> use 499fb521a0f4d635f3c1db514920eadd (download)
name : kernel32.dll (x86_64/PE)
base address : 0x180001000
total gadgets: 2694
ropshell> suggest "load reg"
> 0x18000a5c2 : pop rax; ret
> 0x180001398 : pop rbx; ret
> 0x180024d92 : pop rdx; ret
> 0x1800090ed : pop rsi; ret
> 0x1800011a4 : pop rdi; ret
> 0x180002cc3 : pop rbp; ret
> 0x180012458 : pop rsp; ret
> 0x180012457 : pop r12; ret
> 0x180006e8f : pop r13; ret
> 0x1800090ec : pop r14; ret
> 0x18000f6a8 : pop r15; ret
> 0x18000749f : pop rcx; add al, [rax]; ret
> 0x18001baa9 : mov rax, [rsp + 8]; ret
> 0x18000b245 : mov rbx, [rsp + 8]; ret
> 0x1800779e8 : mov rdi, [rsp + 0x10]; ret
> 0x18001baaa : mov eax, [rsp + 8]; ret
> 0x18000b246 : mov ebx, [rsp + 8]; ret
> 0x1800779e9 : mov edi, [rsp + 0x10]; ret
> 0x18004f6a8 : mov rsi, [rsp + 0x10]; mov rdi, [rsp + 0x18]; ret
> 0x18004f6a9 : mov esi, [rsp + 0x10]; mov rdi, [rsp + 0x18]; ret
> 0x180009c8d : movzx edx, [rsp + 0x68]; mov [rcx], edx; add rsp, 0x48; ret
> 0x18000903c : movzx ecx, [rsp + 0x60]; mov [rax], ecx; xor eax, eax; add rsp, 0x48; ret
> 0x18005e4a3 : mov rcx, [rsp + 0x30]; call [rip + 0x242e9]; nop [rax + rax]; add rsp, 0x28; ret
> 0x180073d24 : mov rbp, [rsp + 0x10]; mov rsi, [rsp + 0x18]; mov rdi, [rsp + 0x20]; ret
> 0x180073d25 : mov ebp, [rsp + 0x10]; mov rsi, [rsp + 0x18]; mov rdi, [rsp + 0x20]; ret