ROPSHELL 
ropshell> use ad6fe241ce4db2066965f604c6cda4d9 (download)
name         : StartAllBack_3.7.5_setup.exe (x86_64/PE)
base address : 0x140001000
total gadgets: 1041

ropshell> suggest "load reg"
> 0x140001a4b : pop rbx; ret
> 0x140002183 : pop rsi; ret
> 0x140001b01 : pop rdi; ret
> 0x140002792 : pop rbp; ret
> 0x1400017ad : pop rsp; ret
> 0x1400017ac : pop r12; ret
> 0x140002182 : pop r14; ret
> 0x140008167 : pop r13; pop r12; ret
> 0x14000316a : pop r15; pop r14; pop r12; ret
> 0x140005e35 : mov rbx, [rsp + 8]; ret
> 0x140001f2f : mov rdi, [rsp + 0x10]; ret
> 0x140005d53 : mov r14, [rsp + 0x20]; ret
> 0x140005e36 : mov ebx, [rsp + 8]; ret
> 0x140005d54 : mov esi, [rsp + 0x20]; ret
> 0x140001f30 : mov edi, [rsp + 0x10]; ret
> 0x140008651 : pop rcx; add [rax], al; add rsp, 0x48; ret
> 0x140001b64 : mov r11, [rsp + 8]; add rsp, 0x10; ret
> 0x140001b60 : mov r10, [rsp]; mov r11, [rsp + 8]; add rsp, 0x10; ret
> 0x140001b61 : mov edx, [rsp]; mov r11, [rsp + 8]; add rsp, 0x10; ret
> 0x140008671 : pop rdx; add [rax], al; mov ecx, eax; mov eax, ecx; add rsp, 0x28; ret
> 0x140005d49 : mov rsi, [rsp + 0x10]; mov rdi, [rsp + 0x18]; mov r14, [rsp + 0x20]; ret
> 0x1400081ed : pop rax; mov [r8 + 0x54], eax; mov [r8 + 0x50], eax; mov [r8 + 0x4c], eax; ret
> 0x140008ed1 : mov rdx, [rsp + 0x60]; lea rcx, [rsp + 0x78]; call [rbp - 0x80]
> 0x140005e4d : mov rax, [rsp + 0x28]; mov [r8], ebx; mov rbx, [rsp + 8]; mov [r9], ecx; mov [rax], edx; ret
> 0x140008ecc : mov r13, [rsp + 0x58]; mov rdx, [rsp + 0x60]; lea rcx, [rsp + 0x78]; call [rbp - 0x80]
> 0x140005e4e : mov eax, [rsp + 0x28]; mov [r8], ebx; mov rbx, [rsp + 8]; mov [r9], ecx; mov [rax], edx; ret
> 0x140008ecd : mov ebp, [rsp + 0x58]; mov rdx, [rsp + 0x60]; lea rcx, [rsp + 0x78]; call [rbp - 0x80]

© 2014 - 2019 - Powered by ROPEME | Contact