ropshell> use 80085dfefbc8fa4c5d19c9a38facd759 (download) name : gatekeeper.exe (i386/PE) base address : 0x8041000 total gadgets: 184
ropshell> suggest call > 0x08041c8f : call ebx > 0x08041951 : call esi > 0x0804213d : call edi > 0x0804124e : call [ecx - 0x18] > 0x0804125d : call [edx + 0x68] jmp > 0x080414c3 : jmp esp > 0x08041f93 : jmp [esi - 0x74] load mem > 0x08041a89 : mov ecx, [ebp + 0xc]; ror eax, cl; pop ebp; ret > 0x08041a86 : mov eax, [ebp + 8]; mov ecx, [ebp + 0xc]; ror eax, cl; pop ebp; ret > 0x08041f16 : mov ecx, [eax + 4]; or [eax], 2; mov [eax + 4], ecx; ret load reg > 0x08042148 : pop ebx; ret > 0x08041893 : pop ecx; ret > 0x08041a46 : pop esi; ret > 0x08041038 : pop ebp; ret > 0x08041a45 : pop edi; pop esi; ret pop pop ret > 0x08041038 : pop ebp; ret > 0x08041bc5 : pop ecx; pop ebp; ret > 0x08041bc4 : pop ecx; pop ecx; pop ebp; ret stack pivoting > 0x08041077 : mov esp, ebp; pop ebp; ret