ROPSHELL 
ropshell> use 9dbd63e07dc12cda7d575d57c61940a7 (download)
name         : libc.so.6 (x86_64/ELF)
base address : 0x1840
total gadgets: 15462

ropshell> suggest
call
    > 0x00003246 : call rax
    > 0x00008fd6 : call rbx
    > 0x0001159c : call rcx
    > 0x00011bb0 : call rdx
    > 0x000032e2 : call rsi
jmp
    > 0x0000fa16 : push rsp; ret
    > 0x00003483 : jmp rax
    > 0x0000811d : jmp rbx
    > 0x0000f9f3 : jmp rcx
    > 0x000074af : jmp rdx
load mem
    > 0x0005ebe0 : mov eax, [rdx]; ret
    > 0x000bda24 : mov eax, [rdi]; ret
    > 0x0006bb84 : mov rax, [rdi + 0x68]; ret
    > 0x0011fcd1 : mov eax, [rdx + 8]; ret
    > 0x001167e4 : mov eax, [rdi + 0x20]; ret
load reg
    > 0x000ae727 : pop rax; ret
    > 0x0002ed44 : pop rbx; ret
    > 0x0007c3fe : pop rcx; ret
    > 0x00035b0e : pop rsi; ret
    > 0x000dc3a5 : pop rdi; ret
pop pop ret
    > 0x000bf872 : pop r12; ret
    > 0x0002eb33 : pop r12; pop r13; ret
    > 0x000dd6f4 : pop r12; pop r13; pop r14; ret
    > 0x000dc39e : pop r12; pop r13; pop r14; pop r15; ret
    > 0x000f2a0c : pop r11; pop r12; pop r13; pop r14; pop rbp; ret
sp lifting
    > 0x000db8ff : add rsp, 0x18; ret
    > 0x000db8ff : add rsp, 0x18; ret
    > 0x000f8d5a : add rsp, 0x38; ret
    > 0x000f8dbb : add rsp, 0x40; ret
stack pivoting
    > 0x00034a4f : mov rsp, rdx; ret
    > 0x0001c967 : xchg eax, esp; ret
    > 0x00034a50 : mov esp, edx; ret
    > 0x0004f56b : mov esp, esi; jmp rdx
    > 0x0004f6c1 : mov esp, edi; jmp rdx
syscall
    > 0x0006da86 : syscall ; ret
    > 0x0006608b : int 0x80; cmp esi, 2; cmove eax, ecx; mov [rdi], eax; mov eax, edx; ret
write mem
    > 0x0008cc4c : adc [rcx], eax; ret
    > 0x0006f138 : add [rcx], edi; ret
    > 0x000e3a85 : add [rcx], ebp; ret
    > 0x0001976c : adc [rdx], ecx; ret
    > 0x000780af : add [rdi], rax; ret

© 2014 - 2019 - Powered by ROPEME | Contact