ropshell> use 5df2776aef2f96833554ac27952742ad (download)
name         : ch75_bis.exe (x86_64/PE)
base address : 0x140001000
total gadgets: 1177
ropshell> suggest

call
> 0x14000271e : call rax
> 0x140001797 : call rbx
> 0x14000d476 : call rdx
> 0x140002d00 : call rsi
> 0x140001e27 : call rdi

jmp
> 0x140010134 : jmp rax
> 0x140002125 : jmp rcx
> 0x14000261b : jmp r9
> 0x140011da3 : push rsp; and al, 8; ret
> 0x140012651 : jmp [rbx]

load mem
> 0x14000ca2e : movzx ecx, [rdx]; sub eax, ecx; ret
> 0x140002178 : mov rcx, [rdx]; mov [rax], rcx; ret
> 0x14000a4b2 : mov eax, [rcx + 0x18]; add rsp, 0x28; ret
> 0x14000e0cd : mov rsi, [r11 + 0x18]; mov rsp, r11; pop rdi; ret
> 0x14000a48a : mov rdi, [r11 + 0x20]; mov rsp, r11; pop r14; ret

load reg
> 0x1400100d5 : pop rax; ret
> 0x14000167b : pop rbx; ret
> 0x140002f65 : pop rsi; ret
> 0x140001255 : pop rdi; ret
> 0x140001990 : pop rbp; ret

pop pop ret
> 0x1400045d6 : pop r12; ret
> 0x14000cbbd : pop r12; pop rbp; ret
> 0x14000700b : pop r12; pop rdi; pop rsi; ret
> 0x140005e1f : pop r12; pop rdi; pop rsi; pop rbp; ret
> 0x14000608a : pop r12; pop rdi; pop rsi; pop rbp; pop rbx; ret

sp lifting
> 0x1400010c9 : add rsp, 0x18; ret
> 0x1400010c9 : add rsp, 0x18; ret
> 0x14000169f : add rsp, 0x28; ret
> 0x140001199 : add rsp, 0x38; ret
> 0x1400122c2 : add rsp, 0x48; ret

stack pivoting
> 0x140001d1c : xchg eax, esp; ret
> 0x140008733 : mov rsp, r11; pop r14; ret
> 0x140008734 : mov esp, ebx; pop r14; ret
> 0x14000e00d : lea rsp, [rbp + 0x10]; pop r15; pop r14; pop r13; pop r12; pop rbp; ret
> 0x14000e00e : lea esp, [rbp + 0x10]; pop r15; pop r14; pop r13; pop r12; pop rbp; ret

write mem
> 0x1400024bf : adc [rcx], eax; mov rax, r11; ret
> 0x14000be3d : add [rcx + 0xf], eax; xchg eax, esi; ret
> 0x140007b83 : adc [rdi + 6], esi; mov eax, 0xd; ret
> 0x1400020ce : add [rdi], ecx; sub [rbx + 0x49000001], -0x75; ret
> 0x1400024bc : adc [rbx], ecx; movups xmm[rcx], xmm0; mov rax, r11; ret