ROPSHELL 
ropshell> use b048b7afe3d28bf4578140ad22c91fde (download)
name         : OWExplorer.dll (x86_64/PE)
base address : 0x180001000
total gadgets: 3058

ropshell> suggest
call
    > 0x180004a52 : call rax
    > 0x18002e1dd : call rbx
    > 0x18001970b : call rcx
    > 0x180019990 : call rdx
    > 0x180007cad : call rdi
jmp
    > 0x18001cfa3 : jmp rax
    > 0x180011d42 : jmp rcx
    > 0x18001af65 : jmp rdx
    > 0x180001bdd : jmp rdi
    > 0x18001b5eb : jmp r9
load mem
    > 0x180003a67 : mov rax, [rcx]; ret
    > 0x180003a68 : mov eax, [rcx]; ret
    > 0x180029d86 : movzx ecx, [rdx]; sub eax, ecx; ret
    > 0x1800069ec : mov rcx, [rax]; movzx eax, [rcx]; ret
    > 0x18001b128 : mov rcx, [rdx]; mov [rax], rcx; ret
load reg
    > 0x180017d3e : pop rax; ret
    > 0x1800028a5 : pop rbx; ret
    > 0x180027750 : pop rcx; ret
    > 0x180003e11 : pop rsi; ret
    > 0x180002964 : pop rdi; ret
pop pop ret
    > 0x180003a4a : pop r12; ret
    > 0x18000357a : pop r12; pop rbp; ret
    > 0x18000cdce : pop r12; pop rdi; pop rbp; ret
    > 0x180002d1d : pop r12; pop rdi; pop rsi; pop rbp; ret
    > 0x180023644 : pop r12; pop rdi; pop rsi; pop rbp; pop rbx; ret
sp lifting
    > 0x180006e51 : add rsp, 0x18; ret
    > 0x180006e51 : add rsp, 0x18; ret
    > 0x180004a8c : add rsp, 0x28; ret
    > 0x180003eb1 : add rsp, 0x38; ret
    > 0x180016279 : add rsp, 0x48; ret
stack pivoting
    > 0x180004149 : xchg eax, esp; ret
    > 0x18002b557 : mov rsp, r11; pop r14; ret
    > 0x18002b558 : mov esp, ebx; pop r14; ret
    > 0x180018bb7 : lea rsp, [rbp + 0x10]; pop r15; pop r14; pop rbp; ret
    > 0x180018bb8 : lea esp, [rbp + 0x10]; pop r15; pop r14; pop rbp; ret
write mem
    > 0x1800028ca : adc [rcx + 0x28], eax; ret
    > 0x1800162e0 : add [rax], r8; add dh, dh; ret
    > 0x18001b47f : adc [rcx], eax; mov rax, r11; ret
    > 0x180004756 : add [rdi], ecx; xchg eax, esp; ret
    > 0x18001e060 : add [rbx + 0x3a8a0], eax; add ch, bh; ret

© 2014 - 2019 - Powered by ROPEME | Contact