ropshell> use 9b048b35b934f748874c37eda9c6c5c2 (download) name : kernel32.dll (x86_64/PE) base address : 0x180001000 total gadgets: 4554
ropshell> suggest call > 0x1800bcda4 : call rax > 0x1800013f0 : call rbx > 0x1800cff6f : call rcx > 0x180015d93 : call rdx > 0x1800ca0b8 : call rsi jmp > 0x18000117a : jmp rax > 0x18000bb39 : jmp rcx > 0x180002307 : jmp rdi > 0x180011742 : jmp [rax] > 0x1800b6b89 : jmp [rbx] load mem > 0x18001fb4f : movzx eax, [rcx]; ret > 0x1800f5410 : mov rax, [rbp + 0xa0]; call rax > 0x180106e7d : mov rcx, [rsi + 0x10]; call rbx > 0x1800d12bb : mov rcx, [rdi + 8]; call rbx > 0x1800f548b : mov rdx, [rbp + 8]; call r13 load reg > 0x180002c06 : pop rax; ret > 0x18000149c : pop rbx; ret > 0x1800c9ded : pop rcx; ret > 0x180002b98 : pop rsi; ret > 0x180001419 : pop rdi; ret pop pop ret > 0x1800063b4 : pop r12; ret > 0x1800044a1 : pop r12; pop rbp; ret > 0x1800034bd : pop r12; pop rdi; pop rbp; ret > 0x18000e73b : pop r12; pop rdi; pop rbp; pop rbx; ret > 0x1800027a3 : pop r12; pop rdi; pop rsi; pop rbp; pop rbx; ret sp lifting > 0x18001c3f4 : add rsp, 0x118; ret > 0x18001c3f4 : add rsp, 0x118; ret > 0x180001136 : add rsp, 0x28; ret > 0x18000106f : add rsp, 0x38; ret > 0x1800016ac : add rsp, 0x48; ret stack pivoting > 0x180002cc1 : xchg eax, esp; ret > 0x1800094a9 : mov rsp, r11; pop r14; ret > 0x1800094aa : mov esp, ebx; pop r14; ret > 0x18000bb23 : xchg esp, edx; imul edi, edi, -1; lea rdx, [rip - 0xbb2f]; mov ecx, [rdx + rax*4 + 0x6e620]; add rcx, rdx; jmp rcx > 0x1800193f7 : leave ; add eax, ecx; ret syscall > 0x1800010e4 : int 0x80; adc al, 0; add [rbp + 0x2e], dh; ret write mem > 0x1800c3dbe : add [rax + 0x28c48348], edx; ret > 0x1800c50f3 : adc [rbp + rax], ecx; ret > 0x180017971 : adc [rcx], eax; add al, 0x80; ret > 0x18001fb4a : add [rbx], edi; sal [rbp - 0x14], 1; movzx eax, [rcx]; ret > 0x18000af24 : add [rax], r8; add [rsi + 0x41], ah; mov [rcx], ecx; ret