ROPSHELL 
ropshell> use 56b034b9ab67b78d8cf316af38dc5177 (download)
name         : VBoxDD.dll (x86_64/PE)
base address : 0x180001000
total gadgets: 24103

ropshell> suggest "write mem"
> 0x1800579a4 : add [rax], edx; ret
> 0x1800457b9 : adc [rbx], esi; ret 0xa9
> 0x180103708 : adc [rbx], edi; ret
> 0x1801034b2 : add [rdx], eax; ret
> 0x180031ff4 : add [rdx], ecx; ret
> 0x1801034b1 : add [r10], rax; ret
> 0x1800b0302 : add [rax + 0x3b], ecx; ret
> 0x180059658 : add [rax + 1], edi; ret
> 0x18001982d : add [rbp + 0xb], eax; ret
> 0x18012d996 : add [r8 + 0x3b], ecx; ret
> 0x1801033d2 : add [rcx], eax; xor eax, eax; ret
> 0x1800342d4 : add [rdi], ecx; mov bh, 0x87; ret 0
> 0x1801033d1 : add [r9], eax; xor eax, eax; ret
> 0x18002caae : add [rax], ecx; add [rcx - 0x75], al; ret
> 0x1800586f6 : add [rbx], rsi; rol [rcx - 0x77], 8; ret
> 0x1800b46b9 : add [rcx + 0x10], eax; add rsp, 0x28; ret
> 0x1800583f6 : adc [rbp + 3], esi; mov eax, ecx; ret
> 0x1800c53da : add [rbx + 0xd489], eax; add [rcx], al; ret
> 0x1800b455a : add [rax + 0x10], edx; xor al, al; add rsp, 0x28; ret
> 0x18000221b : adc [rbx + 0x4418901], ecx; mov [rcx + 8], 0; ret
> 0x1800b4559 : add [r8 + 0x10], edx; xor al, al; add rsp, 0x28; ret
> 0x1801033e7 : add [rdx], edi; cmovne eax, edx; mov [rcx + 1], al; ret
> 0x1801033e6 : add [r10], edi; cmovne eax, edx; mov [rcx + 1], al; ret
> 0x180130a5a : add [rdx + 1], edi; call [rax + 8]
> 0x18005eb08 : add [r9 + 0x18], r8; inc [r9 + 0x20]; mov rbx, [rsp + 8]; ret
> 0x18002817d : add [rdi + 0x800b482], eax; add [rax + 0x70], bh; xchg [rdx + 0x800b8], eax; ret
> 0x1800cf05b : adc [rdi], eax; or al, [rax]; mov rcx, rdi; call [rdi]
> 0x180001899 : add [rax + 0x4400001a], ebx; mov ecx, [rcx + rax*4 + 0x1a58]; add r9, rcx; jmp r9
> 0x18002640c : add [rbx], ecx; or [rsi - 0x39], ah; add al, 0; add bh, [rax + 0xc]; mov [rdx + 8], 1; ret
> 0x180098135 : adc [rbp + 0x27], ecx; movss [rbp + 0x2f], xmm0; movss [rbp + 0x33], xmm6; call [rax + 0x58]
> 0x1800393b2 : add [rbp + 0x16], edi; mov rbx, [rsp + 0x10]; mov rdi, [rsp]; mov [r8 + 0xc], 1; add rsp, 8; ret
> 0x1800f6af2 : add [rax], ebp; mov eax, [rdx + rax*4 + 0xc0]; and eax, [rcx + r8 + 8]; mov [r9], eax; xor eax, eax; ret
> 0x180110a39 : add [rax], r8; add [rax + 4], bh; mov rcx, rdi; mov [rbx + 0x2e], al; mov rax, [rdi]; xor ebx, ebx; call [rax + 0x10]
> 0x180082bc7 : adc [rbx], edx; add [rax], al; lea r8, [rip - 0x82bd2]; movzx eax, [r8 + rbx + 0x84db0]; mov ecx, [r8 + rax*4 + 0x84d70]; add rcx, r8; jmp rcx
> 0x180098126 : adc [rbp + 0x17], ebx; movss [rbp + 0x1f], xmm6; movss [rbp + 0x23], xmm6; movss [rbp + 0x27], xmm1; movss [rbp + 0x2f], xmm0; movss [rbp + 0x33], xmm6; call [rax + 0x58]

© 2014 - 2019 - Powered by ROPEME | Contact