ropshell> use 9948e1ae899c4b5cc910fae8798a89db (download)
name         : tears (x86_64/RAW)
base address : 0x0
total gadgets: 7904
ropshell> suggest
call
    > 0x00000753 : call rax
    > 0x000022e8 : call rbx
    > 0x00000546 : call rcx
    > 0x0000078d : call rdx
    > 0x000266a7 : call rsi
jmp
    > 0x00070736 : push rsp; ret
    > 0x00008a94 : jmp rax
    > 0x00014844 : jmp rbx
    > 0x00013aff : jmp rcx
    > 0x0005b74f : jmp rdx
load mem
    > 0x0008a9e6 : mov edi, [rdx]; ret
    > 0x0000d28b : movzx eax, [rdx]; pop rbx; ret
    > 0x000706a0 : mov eax, [rdx + 0x4c]; ret
    > 0x000580e5 : mov eax, [rcx]; pop rbx; pop rsi; ret
    > 0x0000cef9 : mov eax, [rcx + 8]; sub eax, edx; ret
load reg
    > 0x00070726 : pop rax; ret
    > 0x00000189 : pop rbx; ret
    > 0x00097229 : pop rcx; ret
    > 0x0002756a : pop rdx; ret
    > 0x000003f3 : pop rsi; ret
pop pop ret
    > 0x0001c5aa : pop r11; ret
    > 0x000582dc : pop rbx; pop rdi; ret
    > 0x000654d5 : pop rbp; pop rsi; pop rdi; ret
    > 0x0006511a : pop rax; pop rbx; pop rsi; pop rdi; ret
    > 0x000506f4 : pop rax; pop rbx; pop rsi; pop rdi; pop rbp; ret
stack pivoting
    > 0x00000d16 : xchg eax, esp; ret
    > 0x00070962 : mov esp, ecx; ret
    > 0x000009b2 : lea esp, [rcx - 4]; ret
    > 0x00038e79 : xchg esp, edi; call [rcx + 0x51]
    > 0x00002da2 : lea esp, [rbp - 0xc]; pop rbx; pop rsi; pop rdi; pop rbp; ret
syscall
    > 0x00027b80 : int 0x80; ret
write mem
    > 0x00034e36 : add [rcx], eax; ret
    > 0x0000c2e1 : add [rcx], edi; ret
    > 0x0008e84a : add [rdx], ecx; ret
    > 0x00046579 : add [rdi], ecx; ret 0x8b
    > 0x0009b26d : add [r10], ecx; ret