ROPSHELL 
ropshell> use 6fdac2c1a99265c7870f8425906a8496 (download)
name         : 7zxa.dll (x86_64/PE)
base address : 0x10001000
total gadgets: 4738

ropshell> suggest
call
    > 0x10001d04 : call rax
    > 0x10024cb6 : call rsi
    > 0x10024c08 : call rbp
    > 0x10024d7b : call rsp
    > 0x10024d7a : call r12
jmp
    > 0x10013899 : push rsp; ret
    > 0x1001c50a : jmp rax
    > 0x100111ea : jmp rcx
    > 0x1001c509 : jmp r8
    > 0x10020101 : jmp [rax]
load mem
    > 0x100010d7 : mov eax, [rcx + 0x10]; ret
    > 0x10003060 : mov rax, [rcx]; jmp [rax + 0x18]
    > 0x10003061 : mov eax, [rcx]; jmp [rax + 0x18]
    > 0x10020040 : mov r12, [rbp + 0x28]; mov rsp, rbp; pop rbp; ret
    > 0x10019c71 : mov rax, [rbp]; call [rax + 0x18]
load reg
    > 0x10014147 : pop rax; ret
    > 0x10001088 : pop rbx; ret
    > 0x1000be85 : pop rdi; ret 1
    > 0x10001e92 : pop rbp; ret
    > 0x1000139a : pop rsi; pop rbx; ret
pop pop ret
    > 0x10014147 : pop rax; ret
    > 0x1000b5f6 : pop r12; pop rbp; ret
    > 0x10001399 : pop rdi; pop rsi; pop rbx; ret
    > 0x1000289b : pop r12; pop rdi; pop rsi; pop rbx; ret
    > 0x10002a43 : pop r12; pop rdi; pop rsi; pop rbp; pop rbx; ret
sp lifting
    > 0x10025169 : add rsp, 0x10; ret
    > 0x10025169 : add rsp, 0x10; ret
    > 0x1002128b : add rsp, 0x238; ret
    > 0x1000684a : add rsp, 0x38; ret
    > 0x1000e399 : add rsp, 0x48; ret
stack pivoting
    > 0x1000d8a1 : xchg eax, esp; ret
    > 0x10020044 : mov rsp, rbp; pop rbp; ret
    > 0x10020045 : mov esp, ebp; pop rbp; ret
    > 0x100041bd : xchg esp, eax; add al, [rax]; ret
    > 0x1000cb72 : mov esp, eax; mov rsi, rdx; mov rdi, rcx; mov rax, [rcx]; call [rax + 0x20]
write mem
    > 0x1001c5ff : adc [rax + 6], edi; ret
    > 0x10006ecf : adc [rcx + 0x3b], eax; ret
    > 0x10007d3a : add [rdi + 0x5b], ebx; ret
    > 0x10010a7a : add [rbp + 0x2b], eax; ret
    > 0x1001c5fe : adc [r8 + 6], rdi; ret

© 2014 - 2019 - Powered by ROPEME | Contact