ROPSHELL 
ropshell> use 67b2026b5d9009b183a8f4eb23a6180e (download)
name         : KernelBase.dll (x86_64/PE)
base address : 0x180001000
total gadgets: 17820

ropshell> suggest "load reg"
> 0x1800115cc : pop rax; ret
> 0x180001ca7 : pop rbx; ret
> 0x1800d4963 : pop rcx; ret
> 0x18009e73b : pop rdx; ret
> 0x180001ae9 : pop rsi; ret
> 0x1800017ce : pop rdi; ret
> 0x18000111f : pop rbp; ret
> 0x180004b34 : pop rsp; ret
> 0x180004b33 : pop r12; ret
> 0x180009a0d : pop r13; ret
> 0x18000503e : pop r14; ret
> 0x180007308 : pop r15; ret
> 0x18009e739 : pop r10; pop rdx; ret
> 0x18002aa07 : mov rax, [rsp + 8]; ret
> 0x180005908 : mov rbx, [rsp + 8]; ret
> 0x180002342 : mov rdi, [rsp + 0x10]; ret
> 0x18002aa08 : mov eax, [rsp + 8]; ret
> 0x180005909 : mov ebx, [rsp + 8]; ret
> 0x180002343 : mov edi, [rsp + 0x10]; ret
> 0x180039a30 : mov rbp, [rsp + 0x30]; pop r14; pop rsi; ret
> 0x180039a31 : mov ebp, [rsp + 0x30]; pop r14; pop rsi; ret
> 0x18002b0d9 : mov rsi, [rsp + 0x10]; mov rdi, [rsp + 0x18]; ret
> 0x18002b0da : mov esi, [rsp + 0x10]; mov rdi, [rsp + 0x18]; ret
> 0x18004838b : mov ecx, [rsp + rax*4 + 0x48478]; add rcx, r12; jmp rcx

© 2014 - 2019 - Powered by ROPEME | Contact