ROPSHELL 
ropshell> use 7b93c623333f121dc9e689ccb1b7a733 (download)
name         : mfc71u.dll (i386/PE)
base address : 0x7c251000
total gadgets: 29480

ropshell> suggest "write mem"
> 0x7c2b2e89 : adc [ebx], edi; ret
> 0x7c26df95 : add [eax + eax], ecx; ret
> 0x7c2d1dc5 : add [esi + 0x5d], ebx; ret 0x10
> 0x7c2b0265 : add [edi + 0x5e], ebx; ret 4
> 0x7c30c499 : add [ecx], eax; add al, 0; ret 8
> 0x7c28d328 : add [edx], ebp; call [eax]; ret 4
> 0x7c2d82a3 : adc [edi], ecx; mov bh, 0xc0; ret 0xc
> 0x7c2c1442 : add [ebx + 0x450ffce], ecx; pop esi; ret
> 0x7c2a61de : add [ebx + 0x3720df8], eax; xor eax, eax; ret
> 0x7c25260a : add [edi + 0xc], eax; pop edi; pop esi; ret 4
> 0x7c2d79e7 : add [esi], eax; add [eax + 0x7c2d79f1], bh; ret
> 0x7c30c527 : adc [edx + 2], ebp; call edi
> 0x7c300a45 : add [ebx], esi; call [edi - 0x75]
> 0x7c2c149e : adc [eax + 0x51], edx; call [edx + 0xc]; pop esi; ret 4
> 0x7c26a27d : add [eax + 0xfffff50], esi; add [eax + 0x7c26a28c], bh; ret
> 0x7c288c93 : add [esi + 0x14], edi; mov eax, edi; pop edi; pop esi; ret 8
> 0x7c314838 : add [ebx], eax; idiv bh; pop ecx; mov eax, esi; pop esi; pop ebx; ret 4
> 0x7c28c9da : adc [ecx], esi; std ; call [esi - 0x75]
> 0x7c302dff : adc [ebx + 0x6a], edx; call [eax - 1]
> 0x7c2d78a8 : add [esi + 0x5f], eax; mov eax, esi; pop esi; pop ebx; pop ebp; ret 0x18
> 0x7c307558 : add [esi + 0x51], edx; call [eax + 0x14]
> 0x7c30973d : add [ebp + 0x5052a055], ecx; call [ecx + 0x24]
> 0x7c2c424f : add [edx], ecx; or [ebx - 0x7df71732], 0xff; call [ebx - 0x45]
> 0x7c2aa33e : add [eax + 0x108bfffc], ebp; mov ecx, eax; call [edx + 0xc]
> 0x7c2ed95a : add [edi + 0x50], edx; mov ecx, esi; call [edx + 0x7c]
> 0x7c28a813 : adc [ecx], ebp; std ; dec [ebx + 0x118b4c4f]; push eax; call [edx + 0x68]
> 0x7c2bf450 : add [ebp + 0x1e], esi; mov ecx, [eax]; push eax; call [ecx + 8]
> 0x7c2d1c53 : add [edx], eax; add [ebx - 0x774fbb2], cl; mov eax, [ecx]; push edi; call [eax + 0x54]
> 0x7c284b45 : adc [eax], esi; add [esi - 1], dl; ror [ebx + 0xff73bf0], cl; test [ebp + 0x5bfffcff], edx; pop edi; pop esi; ret 4
> 0x7c2b09af : adc [ebp + 0x157c5ec0], eax; mov eax, [ebp - 4]; push [ebp + 8]; mov ecx, [eax]; push eax; call [ecx + 0x10]

© 2014 - 2019 - Powered by ROPEME | Contact