ROPSHELL 
ropshell> use a1f9191578ccf9869a952e47591e1708 (download)
name         : SystemSurvey.exe (i386/PE)
base address : 0x401000
total gadgets: 21654

ropshell> suggest "stack pivoting"
> 0x004099dd : xchg eax, esp; ret
> 0x005322a3 : mov esp, ebx; pop ebx; ret
> 0x004013c0 : mov esp, ebp; pop ebp; ret
> 0x004609f4 : mov esp, edi; dec [ebx - 0x1a74a13a]; pop ebp; ret
> 0x0049f72f : xchg esp, edi; add al, [eax]; add [ebx], bh; ret
> 0x00401fac : lea esp, [ecx]; adc [eax], eax; add esp, 0x10; ret
> 0x00416f49 : lea esp, [ebx + esi*8 - 1]; call [ecx - 0x18]
> 0x004cc3c2 : lea esp, [edi + edi*8 - 1]; call [eax + 0x50]
> 0x004178ad : lea esp, [esp + edi*8 - 1]; call [ecx + 0x50]
> 0x004479e8 : xchg esp, ebx; add [eax], al; add [ebx - 0x4872f7b0], cl; fadd [eax]; add [eax], al; mov ecx, esi; call edx
> 0x0051324e : leave ; ret

© 2014 - 2019 - Powered by ROPEME | Contact