ROPSHELL 
ropshell> use 911ddf2e16761643a47225f654d811e5 (download)
name         : ntdll.dll (i386/PE)
base address : 0x7c901000
total gadgets: 6968

ropshell> search add esp ? %
found 9 gadgets
> 0x7c90e037 : add esp, 0x14; ret
> 0x7c9012e1 : add esp, 0xc; ret
> 0x7c90ea1a : add esp, 8; pop ebp; ret 4
> 0x7c92c663 : add esp, [ebx]; ret
> 0x7c9033d2 : add esp, 0; add [eax], al; pop ebx; ret 4
> 0x7c903184 : add esp, 4; pop esi; mov edx, eax; mov eax, ecx; pop ebp; ret 0xc
> 0x7c90ea68 : add esp, 8; pop ebp; mov eax, [esp + 8]; mov edx, [esp + 0x10]; mov [edx], eax; mov eax, 3; ret
> 0x7c901094 : add esp, 4; mov ecx, fs:[0x18]; mov eax, [ecx + 0x24]; mov [edx + 0xc], eax; mov [edx + 8], 1; xor eax, eax; ret 4
> 0x7c90e460 : add esp, 4; pop edx; mov eax, fs:[0x18]; mov eax, [eax + 0x30]; mov eax, [eax + 0x2c]; call [eax + edx*4]

© 2014 - 2019 - Powered by ROPEME | Contact