ropshell> use 561fa2abb31dfa8fab762145f81667c2 (download) name : msvcp71.dll (i386/PE) base address : 0x7c3a1000 total gadgets: 3474
ropshell> suggest call > 0x7c3a2df3 : call eax > 0x7c3a5b12 : call ebx > 0x7c3a2d87 : call ecx > 0x7c3a1621 : call esi > 0x7c3a17c7 : call edi jmp > 0x7c3c5946 : push esp; ret > 0x7c3c5137 : jmp ebx > 0x7c3afcb0 : jmp edx > 0x7c3a361a : jmp [eax + 0x10] > 0x7c3ce5d8 : jmp [ebx - 3] load mem > 0x7c3a3490 : mov eax, [ecx]; ret > 0x7c3a4b9a : mov eax, [edx]; ret > 0x7c3a3a22 : mov eax, [ecx + 0x10]; ret > 0x7c3b2669 : mov eax, [esi + 6]; pop esi; ret > 0x7c3a7990 : mov eax, [ebp + 8]; pop ebp; ret 0x10 load reg > 0x7c3a36a6 : pop eax; ret > 0x7c3a6ff8 : pop ebx; ret > 0x7c3a1860 : pop ecx; ret > 0x7c3a124d : pop esi; ret > 0x7c3a87b4 : pop edi; ret pop pop ret > 0x7c3a36a6 : pop eax; ret > 0x7c3af2e5 : pop ebx; pop ebp; ret > 0x7c3a1880 : pop ecx; pop ecx; pop esi; ret > 0x7c3a5df6 : pop ebx; pop edi; pop esi; pop ebp; ret 0x10 sp lifting > 0x7c3a720a : add esp, 0x10; ret > 0x7c3a720a : add esp, 0x10; ret stack pivoting > 0x7c3b4593 : xchg eax, esp; ret > 0x7c3bc0c9 : lea esp, [ebp - 1]; jmp [esi + 0x3b] > 0x7c3a119b : leave ; ret write mem > 0x7c3a7a07 : add [eax], ecx; ret 4 > 0x7c3a792f : add [eax], edx; ret 4 > 0x7c3aa710 : add [edx], eax; ret > 0x7c3a3fd8 : add [ebp + 0x11890150], ecx; ret > 0x7c3a4bc5 : adc [edi], ecx; mov dh, 0; ret