ropshell> use 4f4c1bcfce3df1802b75b39b9d01a9ac (download)
name         : msv1_0.dll (i386/PE)
base address : 0x77c61000
total gadgets: 1984
ropshell> suggest
call
    > 0x77c6e6e8 : call eax
    > 0x77c6cbd9 : call ebx
    > 0x77c6f6dc : call ecx
    > 0x77c61f92 : call esi
    > 0x77c61733 : call edi
jmp
    > 0x77c6870c : jmp eax
    > 0x77c65c1c : jmp edi
    > 0x77c6ffbe : jmp ebp
    > 0x77c62eee : jmp esp
    > 0x77c631d5 : jmp [eax]
load mem
    > 0x77c63c52 : mov ecx, [eax]; mov eax, [eax + 4]; push eax; ret
    > 0x77c61d44 : movzx ecx, [edx]; add [eax], ecx; pop esi; pop ebp; ret 0x10
    > 0x77c7bbc7 : mov eax, [ebp + 0x10]; pop edi; pop esi; pop ebx; pop ebp; ret 0x10
    > 0x77c75e22 : mov esi, [ebp + 0xc]; mov eax, esi; pop esi; pop ebp; ret 8
    > 0x77c73230 : mov eax, [edi]; push [eax + 0x30]; call esi
load reg
    > 0x77c69d66 : pop ebx; ret 0x10
    > 0x77c689c1 : pop esi; ret
    > 0x77c6e6f3 : pop edi; ret
    > 0x77c756c4 : pop ebp; ret
    > 0x77c6870b : pop ecx; jmp eax
pop pop ret
    > 0x77c756c4 : pop ebp; ret
    > 0x77c689c0 : pop edi; pop esi; ret
    > 0x77c618f8 : pop ebx; pop edi; pop ebp; ret 0x10
    > 0x77c6351e : pop ebp; pop edi; pop esi; pop ebx; ret 0xc
stack pivoting
    > 0x77c6665f : mov esp, ebp; pop ebp; ret 0xc
    > 0x77c63c2c : xchg eax, esp; mov eax, [eax]; push eax; ret
    > 0x77c63c50 : mov esp, ecx; mov ecx, [eax]; mov eax, [eax + 4]; push eax; ret
    > 0x77c6a9b8 : lea esp, [edx + edi*8 - 1]; call [ecx - 0x73]
    > 0x77c619e6 : leave ; ret
write mem
    > 0x77c68d94 : add [ebx], ebp; ret
    > 0x77c7978c : add [esi + 0x5d], ebx; ret 4
    > 0x77c61d47 : add [eax], ecx; pop esi; pop ebp; ret 0x10
    > 0x77c781bc : add [ebx], esi; jmp [ecx]
    > 0x77c69100 : add [edi], ecx; test [ebx + 0x300007b], bl; ret