ropshell> use 82ff57d04eb11340b072a4996e7bf89f (download) name : libc-4e5dfd832191073e18a09728f68666b6465eeacd.so (x86_64/ELF) base address : 0x1f9c0 total gadgets: 16542
ropshell> suggest "stack pivoting" > 0x000274f0 : xchg eax, esp; ret > 0x00117fee : xchg rax, rsp; idiv edi; ret > 0x00103d34 : mov esp, edx; call rbp > 0x00039b41 : lea rsp, [rbp - 0x10]; pop rbx; pop r12; pop rbp; ret > 0x00039b42 : lea esp, [rbp - 0x10]; pop rbx; pop r12; pop rbp; ret > 0x000355e9 : mov rsp, r8; mov rbp, r9; nop ; jmp rdx > 0x000355ea : mov esp, eax; mov rbp, r9; nop ; jmp rdx > 0x00103054 : xchg edi, esp; add [rax], al; add [rax - 0x7d], cl; ret > 0x00079527 : lea esp, [rdx + rdi*8 - 1]; xor eax, eax; pop rbx; ret > 0x0006e26d : mov rsp, rbx; lea rsp, [rbp - 0x18]; pop rbx; pop r12; pop r13; pop rbp; ret > 0x0006e26e : mov esp, ebx; lea rsp, [rbp - 0x18]; pop rbx; pop r12; pop r13; pop rbp; ret > 0x00037605 : lea esp, [rsi + rbx]; mov rdi, r12; call r15 > 0x0012de7d : push rdi; pop rsp; lea rsi, [rdi + 0x48]; mov rdi, rax; mov rcx, [rcx + 0x18]; jmp rcx > 0x000bc645 : mov esp, esi; and r12, rbp; and r12d, 1; add r12, rax; mov [rsp + 0xa8], r12; call r15 > 0x0013c31f : lea esp, [rbx + 0x10]; mov [rbx + 0x10], 0; mov rdi, r12; call [rax + 0x28] > 0x00157365 : xchg esp, eax; add eax, [rax]; movsxd rdx, [r11 + rdx*4]; lea rdx, [r11 + rdx]; jmp rdx > 0x000424a5 : leave ; ret