ROPSHELL 
ropshell> use 5c42d7edad34b9a6fbc573699657f674 (download)
name         : iw4x.exe (i386/PE)
base address : 0x401000
total gadgets: 50584

ropshell> suggest
call
    > 0x00401f27 : call eax
    > 0x0040798c : call ebx
    > 0x00401ee2 : call ecx
    > 0x00401ea1 : call edx
    > 0x004047ea : call esi
jmp
    > 0x00419b82 : push esp; ret
    > 0x00437a94 : jmp eax
    > 0x0046395d : jmp ebx
    > 0x0049196b : jmp ecx
    > 0x0049183d : jmp edx
load mem
    > 0x004b1f8a : mov eax, [ecx]; ret
    > 0x00403b0c : mov eax, [edx]; ret
    > 0x006b6b4d : mov esi, [ebp]; ret
    > 0x004e7808 : mov ebp, [edi]; ret
    > 0x00644074 : mov eax, [esi]; pop esi; ret
load reg
    > 0x00404c32 : pop eax; ret
    > 0x0040107e : pop ebx; ret
    > 0x00401860 : pop ecx; ret
    > 0x006ab192 : pop edx; ret
    > 0x004011d5 : pop esi; ret
pop pop ret
    > 0x006142aa : pop bx; ret
    > 0x004a4c9e : pop eax; pop eax; ret
    > 0x005f4fcd : pop eax; pop esi; pop ecx; ret
    > 0x006b93fd : pop eax; pop edi; pop esi; pop ebp; ret
    > 0x0053e712 : pop ebp; pop ebx; pop edi; pop esi; pop ecx; ret
sp lifting
    > 0x00411e5a : add esp, 0x1000; ret
    > 0x00411e5a : add esp, 0x1000; ret
    > 0x0043055d : add esp, 0x2000; ret
    > 0x00686e84 : add esp, 0x3008; ret
    > 0x004622a9 : add esp, 0x4000; ret
stack pivoting
    > 0x0043153a : xchg eax, esp; ret
    > 0x004032f1 : mov esp, ebp; pop ebp; ret
    > 0x00439d40 : xchg esp, edi; inc [ebx - 0x3fcdf33c]; pop esi; ret
    > 0x005b8ee6 : mov esp, esp; inc [ebx + 0x5e5f0cc4]; ret
    > 0x0063dda3 : xchg esp, esp; inc [ebx - 0x3fccfb3c]; add esp, 0x410; ret
write mem
    > 0x004f8027 : add [ebx], eax; ret
    > 0x0050c8ad : add [ebx], ecx; ret
    > 0x004e7844 : add [ebx], esi; ret
    > 0x004e2d8d : adc [ebx], edi; ret
    > 0x0054f4ac : add [ebx], ebp; ret

© 2014 - 2019 - Powered by ROPEME | Contact