ropshell> use ad7efaf31af566d1a10706728d08e008 (download) name : libhttpd.dll (x86_64/PE) base address : 0x6ff01000 total gadgets: 3485
ropshell> suggest call > 0x6ff0514c : call rax > 0x6ff27dae : call rbx > 0x6ff02e90 : call rcx > 0x6ff03a75 : call rdx > 0x6ff1d855 : call rdi jmp > 0x6ff0bb6d : jmp rax > 0x6ff063b4 : jmp rcx > 0x6ff2477e : jmp rdx > 0x6ff2a62a : jmp r8 > 0x6ff1571c : jmp r9 load mem > 0x6ff183f0 : mov rax, [rcx + 0x10]; ret > 0x6ff0bb5a : mov eax, [rcx + 0x10]; ret > 0x6ff03c58 : mov rax, [rcx]; mov [rdx], rax; ret > 0x6ff03c59 : mov eax, [rcx]; mov [rdx], rax; ret > 0x6ff0d3d7 : mov rcx, [rax]; mov [rcx + 0x18], rdx; ret load reg > 0x6ff220f0 : pop rax; ret > 0x6ff01445 : pop rbx; ret > 0x6ff021d7 : pop rsi; ret > 0x6ff02c58 : pop rdi; ret > 0x6ff01d85 : pop rbp; ret pop pop ret > 0x6ff04e4c : pop r12; ret > 0x6ff0ed77 : pop r12; pop rbp; ret > 0x6ff2c271 : pop r12; pop rbp; pop rbx; ret > 0x6ff01d81 : pop r12; pop rdi; pop rsi; pop rbp; ret > 0x6ff01440 : pop r12; pop rdi; pop rsi; pop rbp; pop rbx; ret sp lifting > 0x6ff3f549 : add rsp, 0x10; ret > 0x6ff3f549 : add rsp, 0x10; ret > 0x6ff04bae : add rsp, 0x28; ret > 0x6ff0532e : add rsp, 0x38; ret > 0x6ff0b93a : add rsp, 0x48; ret stack pivoting > 0x6ff0c9fe : xchg eax, esp; ret > 0x6ff0450c : mov rsp, r11; pop r14; ret > 0x6ff0450d : mov esp, ebx; pop r14; ret > 0x6ff2f445 : xchg esp, edi; add al, [rax]; mov [rip + 0x2fc88], rax; ret > 0x6ff0e7ca : xchg esi, esp; add [rax], al; add [rax - 0x68], cl; movzx eax, [r8 + rax + 0xe93c]; mov ecx, [r8 + rax*4 + 0xe924]; add rcx, r8; jmp rcx write mem > 0x6ff3b2a4 : add [r8], eax; ret > 0x6ff05633 : add [rsi + 0x15ff0005], ecx; ret > 0x6ff3eb24 : add [rdi], ecx; xchg eax, esp; ret > 0x6ff29073 : add [rdi], rcx; xchg eax, ebp; ror [rbx - 0x3b7cb73f], 0x28; ret > 0x6ff2ba98 : add [rdx], eax; add [rdi + rcx + 0x44], cl; sar bh, 0x15; ret