ROPSHELL 
ropshell> use 4c2d2746bb12863c464ebafac7e93bd5 (download)
name         : paycalc (x86_64/RAW)
base address : 0x0
total gadgets: 10019

ropshell> suggest
call
    > 0x00001061 : call rax
    > 0x00002e79 : call rbx
    > 0x000058cb : call rcx
    > 0x000116fa : call rdx
    > 0x00041a4f : call rsi
jmp
    > 0x00013704 : push rsp; ret
    > 0x00000ff7 : jmp rax
    > 0x00070faf : jmp rbx
    > 0x000254c4 : jmp rcx
    > 0x00001037 : jmp rdx
load mem
    > 0x0006e7ab : mov eax, [rdx]; ret
    > 0x000b4846 : mov edi, [rdx]; ret
    > 0x0005f632 : mov eax, [rsi]; pop rbx; ret
    > 0x0000f9b0 : mov rax, [rdi + 0x68]; ret
    > 0x0000f9b1 : mov eax, [rdi + 0x68]; ret
load reg
    > 0x000721d8 : pop rax; ret
    > 0x000091b2 : pop rbx; ret
    > 0x000bf527 : pop rcx; ret
    > 0x0003e345 : pop rdx; ret
    > 0x00001ea7 : pop rsi; ret
pop pop ret
    > 0x0003e344 : pop r10; ret
    > 0x000020ed : pop r12; pop r13; ret
    > 0x00001ea2 : pop r12; pop r13; pop r14; ret
    > 0x00001d8c : pop r12; pop r13; pop r14; pop r15; ret
    > 0x000006a6 : pop r12; pop r13; pop r14; pop r15; pop rbp; ret
sp lifting
    > 0x00017000 : add rsp, 0x18; ret
    > 0x00017000 : add rsp, 0x18; ret
    > 0x00065caa : add rsp, 0x28; ret
    > 0x00071402 : add rsp, 0x30; ret
    > 0x00072145 : add rsp, 0x48; ret
stack pivoting
    > 0x00096550 : mov rsp, rcx; ret
    > 0x000003cf : xchg eax, esp; ret
    > 0x00096551 : mov esp, ecx; ret
    > 0x00072878 : mov rsp, r8; mov rbp, r9; jmp rdx
    > 0x0006614f : lea rsp, [rbp - 0x10]; pop rbx; pop r12; pop rbp; ret
syscall
    > 0x00062275 : syscall ; ret
write mem
    > 0x000c6803 : add [rbx], eax; ret
    > 0x0007f87d : add [rcx], edi; ret
    > 0x000bf878 : add [rdx], ecx; ret
    > 0x0001c02b : adc [rax + 0x39], ecx; ret
    > 0x0003a013 : add [rbp + 0x39], ecx; ret

© 2014 - 2019 - Powered by ROPEME | Contact