ROPSHELL 
ropshell> use aeb31909457a3a05613ab5bf72df745f (download)
name         : ntdll.dll (x86_64/PE)
base address : 0x180001000
total gadgets: 6203

ropshell> suggest "load reg"
> 0x1800024c7 : pop rax; ret
> 0x180002947 : pop rbx; ret
> 0x180095e75 : pop rcx; ret
> 0x180068236 : pop rdx; ret
> 0x180001b43 : pop rsi; ret
> 0x18000124c : pop rdi; ret
> 0x180001858 : pop rbp; ret
> 0x180011017 : pop rsp; ret
> 0x180095e74 : pop r9; ret
> 0x180011016 : pop r12; ret
> 0x180012064 : pop r13; ret
> 0x180001b42 : pop r14; ret
> 0x180020c76 : pop r15; ret
> 0x180095e72 : pop r8; pop r9; ret
> 0x1800d1a51 : mov rbx, [rsp + 0x10]; ret
> 0x18004f337 : mov rsi, [rsp + 0x10]; ret
> 0x1800016aa : mov rdi, [rsp + 0x10]; ret
> 0x1800e4a41 : mov r14, [rsp + 0x20]; ret
> 0x1800d1a52 : mov ebx, [rsp + 0x10]; ret
> 0x18004f338 : mov esi, [rsp + 0x10]; ret
> 0x1800016ab : mov edi, [rsp + 0x10]; ret
> 0x1800abfa8 : mov eax, [rsp]; add rsp, 8; ret
> 0x18003cbfe : mov rax, [rsp + 0x38]; add rsp, 0x28; ret
> 0x1800aa473 : mov r11, [rsp + 8]; add rsp, 0x10; ret
> 0x18008dedc : mov r12, [rsp + 0x38]; pop r15; pop r14; pop r13; ret
> 0x18008dedd : mov esp, [rsp + 0x38]; pop r15; pop r14; pop r13; ret
> 0x1800eb7e0 : mov rbp, [rsp + 0x10]; mov rdi, [rsp + 0x18]; ret
> 0x1800a9511 : mov r9, [rsp + 0x38]; add rsp, 0x48; jmp rax
> 0x1800a9512 : mov ecx, [rsp + 0x38]; add rsp, 0x48; jmp rax
> 0x1800eb7e1 : mov ebp, [rsp + 0x10]; mov rdi, [rsp + 0x18]; ret
> 0x18006071b : mov rdx, [rsp + 8]; mov [rcx], rdx; add rsp, 0x18; ret
> 0x1800aa46f : mov r10, [rsp]; mov r11, [rsp + 8]; add rsp, 0x10; ret
> 0x18006071c : mov edx, [rsp + 8]; mov [rcx], rdx; add rsp, 0x18; ret
> 0x18007816e : mov rcx, [rsp + 0x30]; mov [rdx + 0x2b8], rcx; add rsp, 0x28; ret
> 0x1800a950c : mov r8, [rsp + 0x30]; mov r9, [rsp + 0x38]; add rsp, 0x48; jmp rax

© 2014 - 2019 - Powered by ROPEME | Contact