ropshell> use 8f481ed91c05d7efccae32b0d0359f22 (download) name : ss.dll (x86_64/PE) base address : 0x13b401000 total gadgets: 2880
ropshell> suggest call > 0x13b406379 : call rax > 0x13b4087e6 : call rbx > 0x13b406363 : call rcx > 0x13b41c935 : call rdx > 0x13b41784d : call rsi jmp > 0x13b409913 : jmp rax > 0x13b40bfec : jmp rcx > 0x13b40b735 : jmp rdx > 0x13b40bfeb : jmp r9 > 0x13b40d068 : jmp r10 load mem > 0x13b413612 : mov rax, [rcx]; add rsp, 0x38; ret > 0x13b413613 : mov eax, [rcx]; add rsp, 0x38; ret > 0x13b417eea : movzx ecx, [rdx]; sub eax, ecx; ret > 0x13b40e088 : mov rcx, [rdx]; mov [rax], rcx; ret > 0x13b4197a6 : mov eax, [rcx + 0x18]; add rsp, 0x28; ret load reg > 0x13b4210e9 : pop rax; ret > 0x13b40136e : pop rbx; ret > 0x13b405ff1 : pop rsi; ret > 0x13b401093 : pop rdi; ret > 0x13b408848 : pop rbp; ret pop pop ret > 0x13b40a407 : pop r12; ret > 0x13b40ccf0 : pop r12; pop rbp; ret > 0x13b4118f6 : pop r12; pop rdi; pop rbp; ret > 0x13b40cf6f : pop r12; pop rdi; pop rsi; pop rbp; ret > 0x13b4216ae : pop r12; pop rdi; pop rsi; pop rbp; pop rbx; ret sp lifting > 0x13b40a7a4 : add rsp, 0x18; ret > 0x13b40a7a4 : add rsp, 0x18; ret > 0x13b405295 : add rsp, 0x28; ret > 0x13b406fc2 : add rsp, 0x38; ret > 0x13b409e0c : add rsp, 0x428; ret stack pivoting > 0x13b40b3f7 : xchg eax, esp; ret > 0x13b419435 : mov rsp, r11; pop r14; ret > 0x13b419436 : mov esp, ebx; pop r14; ret > 0x13b41d17f : lea rsp, [rbp + 0x10]; pop r15; pop r14; pop r13; pop r12; pop rbp; ret > 0x13b41d180 : lea esp, [rbp + 0x10]; pop r15; pop r14; pop r13; pop r12; pop rbp; ret write mem > 0x13b40e3df : adc [rcx], eax; mov rax, r11; ret > 0x13b418593 : adc [rdi + 6], esi; mov eax, 0xd; ret > 0x13b40dfde : add [rdi], ecx; sub [rbx + 0x49000001], -0x75; ret > 0x13b40e3dc : adc [rbx], ecx; movups xmm[rcx], xmm0; mov rax, r11; ret > 0x13b405b57 : adc [rax + 0x49282444], ecx; jmp [rdx + 0x40]