ropshell> use 64a0f903d39bbe0f468735d3fe1c59be (download) name : libc-2.19.so (i386/ELF) base address : 0x17420 total gadgets: 15300
ropshell> suggest call > 0x00019aa2 : call eax > 0x0001fb1c : call ebx > 0x00033541 : call ecx > 0x0001b19f : call edx > 0x00019a18 : call esi jmp > 0x001265e6 : push esp; ret > 0x0001a8f0 : jmp eax > 0x0007625d : jmp ebx > 0x0004d7be : jmp ecx > 0x0002c9c1 : jmp edx load mem > 0x0006ce17 : mov eax, [edx]; ret > 0x0001b61b : mov eax, [ecx + 0x3664]; ret > 0x0010bc48 : mov eax, [edx + eax]; ret > 0x000b4533 : mov eax, [ebp + ebx]; add al, ch; ret > 0x000fb71f : mov ebp, [ecx + 0xc]; jmp edx load reg > 0x0002469f : pop eax; ret > 0x000198ce : pop ebx; ret > 0x0002e3cc : pop edx; ret > 0x00019626 : pop esi; ret > 0x0001749a : pop edi; ret pop pop ret > 0x0002469f : pop eax; ret > 0x001414eb : pop ebp; pop ebx; ret > 0x000a5747 : pop eax; pop edi; pop esi; ret > 0x0003042a : pop eax; pop ebx; pop esi; pop edi; ret > 0x0001d548 : pop esp; pop ebx; pop esi; pop edi; pop ebp; ret sp lifting > 0x0007c211 : add esp, 0x100; ret > 0x0007c211 : add esp, 0x100; ret > 0x0001a58f : add esp, 0x24; ret > 0x000d9cf2 : add esp, 0x3c; ret > 0x00119195 : add esp, 0x4c; ret stack pivoting > 0x00035324 : xchg eax, esp; ret > 0x0002e49d : mov esp, ecx; jmp edx > 0x00117fca : lea esp, [ebp - 8]; pop ebx; pop edi; pop ebp; ret > 0x0011bf03 : xchg esp, esi; inc [ebx - 0x6bf0fe08]; rol [ebx - 0x49f0d33c], 0xc0; ret > 0x0010cdb2 : mov esp, eax; xor [eax], eax; add al, ch; inc esp; ret syscall > 0x000b6695 : call gs:[0x10]; ret > 0x000ebac1 : int 0x80; pop ebp; pop edi; pop esi; pop ebx; ret write mem > 0x0009483c : add [eax], edx; ret > 0x0009485c : add [eax], esi; ret > 0x000889b1 : add [eax + 0x5f028d02], ecx; ret > 0x000efff6 : add [eax + 0x5d5f5e5b], edx; ret > 0x0008a4c5 : add [ebx + 0x5b5fffd8], eax; ret