ropshell> use 817013214ac1029758fc86d209b5d741 (download)
name         : assign6 (x86_64/ELF)
base address : 0x9380
total gadgets: 8106

ropshell> suggest
call
    > 0x0000a598 : call rax
    > 0x0001f24f : call rbx
    > 0x00060006 : call rcx
    > 0x000257bf : call rdx
    > 0x000609f2 : call rsi
jmp
    > 0x00029972 : push rsp; ret
    > 0x00009c6f : jmp rax
    > 0x000a9c2b : jmp rbx
    > 0x00036553 : jmp rcx
    > 0x0000c796 : jmp rdx
load mem
    > 0x000a5992 : mov eax, [rcx]; ret
    > 0x00024aa4 : mov rax, [rdi + 0x68]; ret
    > 0x00024aa5 : mov eax, [rdi + 0x68]; ret
    > 0x0002ccf4 : mov eax, [rdx]; add bh, dh; ret 0
    > 0x0002f243 : movzx eax, [rdi]; sub eax, ecx; ret
load reg
    > 0x0005c2f7 : pop rax; ret
    > 0x0000a240 : pop rbx; ret
    > 0x0001287e : pop rsi; ret
    > 0x0000a80f : pop rdi; ret
    > 0x00009cf3 : pop rbp; ret
pop pop ret
    > 0x0000ac6d : pop r12; ret
    > 0x0001489d : pop r12; pop r13; ret
    > 0x00012879 : pop r12; pop r13; pop r14; ret
    > 0x0000a808 : pop r12; pop r13; pop r14; pop r15; ret
    > 0x0000d2ed : pop r12; pop r13; pop r14; pop r15; pop rbp; ret
sp lifting
    > 0x0005db5b : add rsp, 0x1018; ret
    > 0x0005db5b : add rsp, 0x1018; ret
    > 0x0005b69d : add rsp, 0x28; ret
    > 0x000a9d14 : add rsp, 0x30; ret
    > 0x0005c2f4 : add rsp, 0x58; ret
stack pivoting
    > 0x0000a1e7 : xchg eax, esp; ret
    > 0x000bfae9 : mov rsp, rcx; pop rcx; jmp rcx
    > 0x0008e4c1 : mov esp, eax; mov rax, r12; pop r12; ret
    > 0x000bfaea : mov esp, ecx; pop rcx; jmp rcx
    > 0x000c1480 : xchg esp, esi; jmp [rsi + 0x66]
syscall
    > 0x000256f6 : syscall ; ret
write mem
    > 0x0008d098 : adc [rax], ecx; ret
    > 0x0005064c : adc [rcx], eax; ret
    > 0x00013e2c : adc [rdi], eax; ret
    > 0x0009f55e : adc [rbx], eax; pop rbx; ret
    > 0x00060526 : adc [rax + 0x39], ecx; ret