ropshell> use a96f17749cd3d9a0464d7068fe73a0c4 (download) name : M0Pro_Serial.elf (arm/ELF) base address : 0x0 total gadgets: 199
ropshell> suggest jmpcall > 0x00000219 : bx lr > 0x000000fd : blx r3 > 0x00001ce9 : blx r4 load mem > 0x0000201f : ldr r3, [r5, r3]; blx r3 > 0x00000879 : ldrh r7, [r5, #0x3a]; bx lr > 0x00001621 : ldr r3, [r0]; ldr r3, [r3]; blx r3 > 0x000004ab : ldr r2, [r0, #4]; orrs r3, r2; str r3, [r0, #4]; pop {r4, r5, r6, pc} > 0x00001ce3 : ldr r4, [r2, #4]; movs r1, r3; movs r2, #1; blx r4 pop pop ret > 0x00000135 : pop {pc} > 0x00001fe9 : pop {r1, pc} > 0x00000753 : pop {r4, r5, pc} > 0x00001075 : pop {r1, r2, r4, pc} > 0x00000729 : pop {r4, r5, r6, r7, pc} stack pivoting > 0x00001285 : mov sp, r7; pop {r3, r4, r5, r6, r7, pc} write mem > 0x00001ec1 : str r1, [r2]; pop {r4, pc} > 0x00001d4d : str r2, [r3]; pop {r4, pc} > 0x0000214f : str r3, [r5]; pop {r4, r5, r6, pc} > 0x00001acf : str r1, [r0]; bx lr > 0x00001a61 : str r3, [r0, #0x40]; pop {r4, pc}