ROPSHELL 
ropshell> use 9ff519e859f3637574f62533c5215324 (download)
name         : func.dll (i386/PE)
base address : 0x62501000
total gadgets: 125

ropshell> suggest
call
    > 0x62501026 : call eax
    > 0x625011e6 : call edx
jmp
    > 0x62501297 : jmp esp
load mem
    > 0x6250158d : mov eax, [ebx + 4]; mov [esp], esi; call eax
load reg
    > 0x6250129c : pop eax; ret
    > 0x62501056 : pop ebx; ret
    > 0x625012f4 : pop ecx; ret
    > 0x625012cc : pop edx; ret
    > 0x625014df : pop esi; ret 0xc
pop pop ret
    > 0x6250129c : pop eax; ret
    > 0x6250129b : pop eax; pop eax; ret
    > 0x625015ae : pop ebx; pop esi; pop ebp; ret
    > 0x6250182c : pop ebx; pop esi; pop edi; pop ebp; ret
sp lifting
    > 0x6250118f : add esp, 0x1c; ret
    > 0x6250118f : add esp, 0x1c; ret
    > 0x625013cb : sub esp, 0xc; nop ; call eax
stack pivoting
    > 0x625015ab : lea esp, [ebp - 8]; pop ebx; pop esi; pop ebp; ret
    > 0x6250122b : leave ; ret

© 2014 - 2019 - Powered by ROPEME | Contact