ropshell> use 896ac8fcc686ae5b022f9e4db7d49841 (download) name : shitorrent (x86_64/ELF) base address : 0x4004d0 total gadgets: 9959
ropshell> suggest "load reg" > 0x004657fc : pop rax; ret > 0x00403f70 : pop rbx; ret > 0x00470a93 : pop rcx; ret > 0x00468036 : pop rdx; ret > 0x00407888 : pop rsi; ret > 0x00400706 : pop rdi; ret > 0x00400b18 : pop rbp; ret > 0x00403368 : pop rsp; ret > 0x00468035 : pop r10; ret > 0x00403367 : pop r12; ret > 0x004035d3 : pop r13; ret > 0x00407887 : pop r14; ret > 0x00400705 : pop r15; ret > 0x004040a3 : pop r11; or al, [rax]; ret > 0x004a6aa9 : mov rax, [rsp]; add rsp, 0x38; ret > 0x004a6aaa : mov eax, [rsp]; add rsp, 0x38; ret > 0x0048fdfa : mov edi, [rsp]; call rbp > 0x0049e6b8 : mov rdx, [rsp + 0x10]; call rdx > 0x0043c2e8 : mov rsi, [rsp + 0x68]; call rax > 0x0041b35d : mov rdi, [rsp + 0x10]; call r14 > 0x0049e6b9 : mov edx, [rsp + 0x10]; call rdx > 0x0043c2e9 : mov esi, [rsp + 0x68]; call rax > 0x0049dc86 : mov rcx, [rsp + 0x40]; add rsp, 0x48; jmp [rax] > 0x0049dc87 : mov ecx, [rsp + 0x40]; add rsp, 0x48; jmp [rax] > 0x004325ea : pop r8; add [rax], al; add [rax], al; mov [rbx + 0x50], 0; pop rbx; ret > 0x0042d8ac : mov r8, [rsp + 0x18]; lea rsi, [rdi + 0x58]; mov rdi, rax; call [rax + 8] > 0x0047221c : mov r9, [rsp + 0x20]; mov rsi, [rsp + 0x40]; mov rdi, [rsp + 0x38]; call r14 > 0x0049dc7c : mov r11, [rsp + 0x30]; mov rdx, [rsp + 0x38]; mov rcx, [rsp + 0x40]; add rsp, 0x48; jmp [rax] > 0x0049dc7d : mov ebx, [rsp + 0x30]; mov rdx, [rsp + 0x38]; mov rcx, [rsp + 0x40]; add rsp, 0x48; jmp [rax] > 0x00477cd2 : mov r13, [rsp + 0x10]; add r13, [rsp + 8]; lea rbx, [rax + r15]; mov rdx, r12; mov rsi, r14; mov rdi, r13; call rbp > 0x00477cd3 : mov ebp, [rsp + 0x10]; add r13, [rsp + 8]; lea rbx, [rax + r15]; mov rdx, r12; mov rsi, r14; mov rdi, r13; call rbp > 0x0049dc77 : mov r10, [rsp + 0x28]; mov r11, [rsp + 0x30]; mov rdx, [rsp + 0x38]; mov rcx, [rsp + 0x40]; add rsp, 0x48; jmp [rax]