ropshell> use 7aaae57ca9ed695f6ae168db14086293 (download) name : libc.so.6 (i386/ELF) base address : 0x1d1d0 total gadgets: 16141
ropshell> suggest call > 0x0001ef25 : call eax > 0x00024e95 : call ebx > 0x00058457 : call ecx > 0x0001ef98 : call edx > 0x000203a6 : call esi jmp > 0x0003cbd8 : push esp; ret > 0x0001f27b : jmp eax > 0x0001ed08 : jmp ebx > 0x0003263e : jmp ecx > 0x000323d9 : jmp edx load mem > 0x0007305b : mov eax, [edx]; ret > 0x0012972b : mov eax, [edx + eax]; ret > 0x00153b4b : mov edi, [esi]; jmp ebx > 0x000804c0 : mov eax, [ecx]; mov [edx], eax; ret > 0x00176489 : mov eax, [ebx + 0x5e5b4cc4]; pop edi; pop ebp; ret load reg > 0x0002c2d2 : pop eax; ret > 0x000224a6 : pop ebx; ret > 0x000350e5 : pop edx; ret > 0x0001e879 : pop esi; ret > 0x0001d26d : pop edi; ret pop pop ret > 0x0002c2d2 : pop eax; ret > 0x00167beb : pop ebp; pop ebx; ret > 0x000b9137 : pop eax; pop edi; pop esi; ret > 0x00048a8a : pop eax; pop ebx; pop esi; pop edi; ret > 0x00023eb6 : pop esp; pop ebx; pop esi; pop edi; pop ebp; ret sp lifting > 0x000359dc : add esp, 0x11c; ret > 0x000359dc : add esp, 0x11c; ret > 0x00176716 : add esp, 0x20; ret > 0x00101414 : add esp, 0x3c; ret > 0x000f7d69 : add esp, 0x4c; ret stack pivoting > 0x00056373 : xchg eax, esp; ret > 0x00035263 : mov esp, ecx; jmp edx > 0x00133132 : xchg esp, esi; call [eax - 0x18] > 0x0001f8c4 : lea esp, [ebp - 0xc]; pop ebx; pop esi; pop edi; pop ebp; ret > 0x000a5cf0 : xchg esp, ebp; int 0xfa; call [eax + 0x68] syscall > 0x00081e99 : call gs:[0x10]; ret write mem > 0x000a3ffc : add [eax], edx; ret > 0x000a401c : add [eax], esi; ret > 0x000904fb : add [eax], edi; ret > 0x0005c0fa : add [ecx], eax; ret > 0x0003b332 : add [ecx], edi; ret