ropshell> use 6f1c8d5a80c9fc86163f874328ef80e6 (download)
name         : dinput.dll (i386/RAW)
base address : 0x0
total gadgets: 3661

ropshell> suggest
call
    > 0x000034c8 : call eax
    > 0x00044088 : call ebx
    > 0x000006fa : call ecx
    > 0x000196e1 : call esi
    > 0x00002dcd : call edi
jmp
    > 0x0004cd13 : jmp eax
    > 0x0004edbc : jmp esi
    > 0x00053b7e : jmp ebp
    > 0x0000b80b : jmp esp
    > 0x000039e8 : jmp [eax]
load mem
    > 0x00054186 : mov eax, [ecx]; ret
    > 0x00062114 : mov eax, [edx + 4]; ret
    > 0x0005219a : mov eax, [ebp + 8]; pop ebp; ret
    > 0x0004ffeb : mov eax, [ecx + 0x400]; shr eax, 1; ret
    > 0x000506fa : mov eax, [esi + 0x18]; pop ebx; pop esi; ret
load reg
    > 0x0004b2d7 : pop ebx; ret
    > 0x0004c0a9 : pop ecx; ret
    > 0x00060c9e : pop edx; ret
    > 0x00015fae : pop esi; ret
    > 0x0004d023 : pop edi; ret
pop pop ret
    > 0x0002370f : pop ebp; ret
    > 0x000511d0 : pop eax; pop ebp; ret
    > 0x0005c6b3 : pop ebx; pop edi; pop ebp; ret
    > 0x0005d6f0 : pop eax; pop edi; pop esi; pop ebp; ret
    > 0x0005fc68 : pop ecx; pop edi; pop ebx; pop esi; pop ebp; ret
sp lifting
    > 0x00061b72 : add esp, 0x10; ret
    > 0x00061b72 : add esp, 0x10; ret
    > 0x0004bbad : add esp, 0x20; ret
stack pivoting
    > 0x00054368 : xchg eax, esp; ret
    > 0x0004d904 : mov esp, ebx; pop ebx; ret
    > 0x0004b0ab : mov esp, ebp; pop ebp; ret
    > 0x0004d6a6 : lea esp, [esp]; lea ecx, [ecx]; mov eax, [esp + 0xc]; pop esi; pop edi; ret
    > 0x0003b3f4 : xchg esp, esp; int1 ; push es; sub [ebp - 0x2236b], cl; call [edx + 0x6a]
write mem
    > 0x00051934 : add [esi + 0x5b], ebx; ret
    > 0x0005188a : add [edi + 0x5e], ebx; ret
    > 0x0004d411 : add [ebx + 0x5e0c2444], ecx; pop edi; ret
    > 0x00051f2c : add [ebx + 0xe8901c9], eax; pop esi; pop ebp; ret
    > 0x00061546 : add [eax], ebp; xor [esi + eax*2 + 0xf], 0xbe; ret