ropshell> use a90a0dd472e75a0e34cd6a4b0627a9b1
name         : main (x86_64/ELF)
base address : 0x401180
total gadgets: 6282
ropshell> suggest
call
    > 0x00401e86 : call rax
    > 0x0041f9ab : call rbx
    > 0x00410f8e : call rcx
    > 0x0043570c : call rdx
    > 0x00461b79 : call rsi
jmp
    > 0x0041feab : push rsp; ret
    > 0x0040181c : jmp rax
    > 0x00466d1d : jmp rbx
    > 0x0041b494 : jmp rcx
    > 0x004056fd : jmp rdx
load mem
    > 0x00425c02 : mov eax, [rcx]; ret
    > 0x004102a4 : mov rax, [rdi + 0x68]; ret
    > 0x004102a5 : mov eax, [rdi + 0x68]; ret
    > 0x00446fe9 : mov eax, [rdx]; pop r12; pop rbp; ret
    > 0x0044d7e5 : movzx eax, [rdi]; sub eax, ecx; ret
load reg
    > 0x00427e2b : pop rax; ret
    > 0x0046b417 : pop rbx; ret
    > 0x00477d5d : pop rsi; ret
    > 0x004787d3 : pop rdi; ret
    > 0x0040177a : pop rbp; ret
pop pop ret
    > 0x0047ce29 : pop r12; ret
    > 0x0047a343 : pop r12; pop r13; ret
    > 0x00477d58 : pop r12; pop r13; pop r14; ret
    > 0x004787cc : pop r12; pop r13; pop r14; pop r15; ret
    > 0x00402111 : pop r12; pop r13; pop r14; pop r15; pop rbp; ret
sp lifting
    > 0x00477a65 : add rsp, 0x18; ret
    > 0x00477a65 : add rsp, 0x18; ret
    > 0x0047a8ae : add rsp, 0x28; ret
    > 0x004773fa : add rsp, 0x38; ret
stack pivoting
    > 0x0042735a : xchg eax, esp; ret
    > 0x00406ace : lea esp, [rax - 0x7600000a]; ret
    > 0x0047ad79 : mov rsp, rcx; pop rcx; jmp rcx
    > 0x0047ad7a : mov esp, ecx; pop rcx; jmp rcx
    > 0x004481c5 : lea rsp, [rbp - 0x10]; pop rbx; pop r12; pop rbp; ret
syscall
    > 0x00410eb6 : syscall ; ret
write mem
    > 0x00446558 : adc [rax], ecx; ret
    > 0x0041af8c : adc [rcx], eax; ret
    > 0x0041cdd2 : adc [rdi], eax; ret
    > 0x0040e87b : add [rax + 0x39], ecx; ret
    > 0x0041b52f : adc [rax + 0x30], edi; ret