ROPSHELL 
ropshell> use 8960272039c30e86a48481f9652a230f (download)
name         : unegg (i386/ELF)
base address : 0x8049a60
total gadgets: 4499

ropshell> suggest
call
    > 0x08049b0f : call eax
    > 0x0805c7c9 : call ebx
    > 0x0804c301 : call ecx
    > 0x08097203 : call edx
    > 0x0806257f : call [eax]
jmp
    > 0x0805fec8 : jmp eax
    > 0x080552f1 : jmp [eax]
    > 0x0806a19c : jmp [ebx]
    > 0x0805fd48 : jmp [ecx]
    > 0x08071bf3 : jmp [edx + 0xf]
load mem
    > 0x0806473c : movzx eax, [edx + eax]; ret
    > 0x0809a673 : movzx eax, [ebp + 8]; pop ebp; ret
    > 0x0809923d : mov ecx, [ebx]; or [ebp - 0x1d3efbb0], cl; add al, 0x83; ret
    > 0x0805a78e : mov eax, [ebx + 0x38]; add esp, 4; pop ebx; pop ebp; ret
    > 0x08090f12 : movzx ecx, [edx]; cmp [eax + 0x14], cl; sete al; pop ebp; ret
load reg
    > 0x08049ae3 : pop ebp; ret
    > 0x0804d1a4 : pop esp; ret
    > 0x08049ae2 : pop ebx; pop ebp; ret
    > 0x08049d78 : pop esi; pop ebp; ret
    > 0x08049be9 : pop edi; pop ebp; ret
pop pop ret
    > 0x08049ae3 : pop ebp; ret
    > 0x08049ae2 : pop ebx; pop ebp; ret
    > 0x08097ab4 : pop ebx; pop edi; pop ebp; ret
    > 0x08049be7 : pop ebx; pop esi; pop edi; pop ebp; ret
    > 0x080607d9 : pop eax; pop ebx; pop esi; pop edi; pop ebp; ret
stack pivoting
    > 0x0804b2ae : xchg eax, esp; ret
    > 0x0804b308 : mov esp, ebp; pop ebp; ret
    > 0x08080b62 : mov esp, edi; inc [ebx + 0x5d5b24c4]; ret
    > 0x08049d74 : lea esp, [ebp - 8]; pop ebx; pop esi; pop ebp; ret
    > 0x08049b11 : leave ; ret
write mem
    > 0x08055755 : add [ecx], esi; ret
    > 0x0806f85f : add [ecx], edi; ret
    > 0x08049ade : add [ebx + 0x5d5b04c4], eax; ret
    > 0x08092461 : add [edi], ecx; mov dh, 0x4d; ret
    > 0x08084c9e : add [ebx + 0x518b0c41], ecx; adc cl, cl; ret

© 2014 - 2019 - Powered by ROPEME | Contact