ropshell> use ad6fe241ce4db2066965f604c6cda4d9 (download)
name         : StartAllBack_3.7.5_setup.exe (x86_64/PE)
base address : 0x140001000
total gadgets: 1041

ropshell> suggest
call
    > 0x140001626 : call rcx
    > 0x140001bc4 : call [rax]
    > 0x1400042cb : call [rbx]
    > 0x1400020fd : call [rcx]
    > 0x1400023a8 : call [rsi]
jmp
    > 0x140009160 : jmp rax
    > 0x14000569a : jmp [rax + 8]
    > 0x140007d63 : jmp [rbx]
    > 0x1400076ca : jmp [rsi + 0x41]
    > 0x1400081f1 : push rsp; mov [r8 + 0x50], eax; mov [r8 + 0x4c], eax; ret
load mem
    > 0x14000607c : mov rsi, [r11 + 0x20]; mov rsp, r11; pop rdi; ret
    > 0x1400017a5 : mov rdi, [r11 + 0x18]; mov rsp, r11; pop r12; ret
    > 0x14000607d : mov esi, [rbx + 0x20]; mov rsp, r11; pop rdi; ret
    > 0x1400017a6 : mov edi, [rbx + 0x18]; mov rsp, r11; pop r12; ret
    > 0x140004258 : mov rdx, [rbx]; call [rax + 8]
load reg
    > 0x140001a4b : pop rbx; ret
    > 0x140002183 : pop rsi; ret
    > 0x140001b01 : pop rdi; ret
    > 0x140002792 : pop rbp; ret
    > 0x1400017ad : pop rsp; ret
pop pop ret
    > 0x1400017ac : pop r12; ret
    > 0x140002e23 : pop r12; pop rbp; ret
    > 0x1400034a6 : pop r12; pop rdi; pop rsi; ret
    > 0x14000278e : pop r12; pop rdi; pop rsi; pop rbp; ret
    > 0x140007a50 : pop r12; pop rdi; pop rsi; pop rbp; pop rbx; ret
sp lifting
    > 0x140001b69 : add rsp, 0x10; ret
    > 0x140001b69 : add rsp, 0x10; ret
    > 0x14000187a : add rsp, 0x28; ret
    > 0x140001574 : add rsp, 0x38; ret
    > 0x140008654 : add rsp, 0x48; ret
stack pivoting
    > 0x1400017a9 : mov rsp, r11; pop r12; ret
    > 0x1400017aa : mov esp, ebx; pop r12; ret
    > 0x1400020fb : leave ; call [r9]
write mem
    > 0x140005618 : add [rcx + 0x28], rdx; xor eax, eax; ret
    > 0x140005619 : add [rcx + 0x28], edx; xor eax, eax; ret
    > 0x140005755 : add [rbp + 0x12], esi; mov eax, 1; ret
    > 0x140004a51 : add [rcx], eax; add eax, [rax]; sete al; ret
    > 0x14000204c : add [rbx], esi; ror [rcx + rcx*4 + 0x49], 8; ret