ROPSHELL 
ropshell> use 4c2d2746bb12863c464ebafac7e93bd5 (download)
name         : paycalc (x86_64/RAW)
base address : 0x0
total gadgets: 10019

ropshell> suggest "load reg"
> 0x000721d8 : pop rax; ret
> 0x000091b2 : pop rbx; ret
> 0x000bf527 : pop rcx; ret
> 0x0003e345 : pop rdx; ret
> 0x00001ea7 : pop rsi; ret
> 0x00001d93 : pop rdi; ret
> 0x0000041f : pop rbp; ret
> 0x000004e4 : pop rsp; ret
> 0x0003e344 : pop r10; ret
> 0x000004e3 : pop r12; ret
> 0x000020ef : pop r13; ret
> 0x00001ea6 : pop r14; ret
> 0x00001d92 : pop r15; ret
> 0x000713fe : mov rbx, [rsp]; add rsp, 0x30; ret
> 0x00015caa : mov rsi, [rsp]; jmp rax
> 0x000713ff : mov ebx, [rsp]; add rsp, 0x30; ret
> 0x00015cab : mov esi, [rsp]; jmp rax
> 0x000962a5 : mov rax, [rsp + 0x10]; add rsp, 0x28; ret
> 0x000962a6 : mov eax, [rsp + 0x10]; add rsp, 0x28; ret
> 0x0000751d : mov edi, [rsp]; call r13
> 0x00048eef : mov rdi, [rsp + 0x10]; call r12
> 0x0006dd7c : mov r9, [rsp + 0x30]; call r9
> 0x0006dd7d : mov ecx, [rsp + 0x30]; call r9
> 0x0008ac38 : mov rdx, [rsp + 0x10]; mov rax, rdx; add rsp, 0x28; ret
> 0x0008ac39 : mov edx, [rsp + 0x10]; mov rax, rdx; add rsp, 0x28; ret
> 0x00072716 : mov rcx, [rsp + 0x40]; add rsp, 0x48; jmp [rax]
> 0x0000e223 : pop r8; add [rax], al; add [rax], al; mov [rbx + 0x50], 0; pop rbx; ret
> 0x0007270c : mov r11, [rsp + 0x30]; mov rdx, [rsp + 0x38]; mov rcx, [rsp + 0x40]; add rsp, 0x48; jmp [rax]
> 0x00072707 : mov r10, [rsp + 0x28]; mov r11, [rsp + 0x30]; mov rdx, [rsp + 0x38]; mov rcx, [rsp + 0x40]; add rsp, 0x48; jmp [rax]

© 2014 - 2019 - Powered by ROPEME | Contact