ROPSHELL 
ropshell> use b0685fcead72b1dff7130f3ce152549f (download)
name         : KernelBase.dll (x86_64/RAW)
base address : 0x0
total gadgets: 19289

ropshell> suggest "load reg"
> 0x0000ba58 : pop rax; ret
> 0x00001fee : pop rbx; ret
> 0x0033591c : pop rcx; ret
> 0x0009c2eb : pop rdx; ret
> 0x00001900 : pop rsi; ret
> 0x00001a21 : pop rdi; ret
> 0x0000112c : pop rbp; ret
> 0x000025a2 : pop rsp; ret
> 0x000025a1 : pop r12; ret
> 0x00026d65 : pop r13; ret
> 0x000018ff : pop r14; ret
> 0x00019f03 : pop r15; ret
> 0x0009c2e9 : pop r10; pop rdx; ret
> 0x003a56b4 : pop r11; fsub [rcx]; ret
> 0x00101146 : mov rax, [rsp + 8]; ret
> 0x00003e1c : mov rbx, [rsp + 8]; ret
> 0x000051dc : mov rdi, [rsp + 0x10]; ret
> 0x0008ded2 : mov r14, [rsp + 0x20]; ret
> 0x00101147 : mov eax, [rsp + 8]; ret
> 0x00003e1d : mov ebx, [rsp + 8]; ret
> 0x0008ded3 : mov esi, [rsp + 0x20]; ret
> 0x000051dd : mov edi, [rsp + 0x10]; ret
> 0x00086fe1 : pop r9; add al, 0; mov eax, 1; add rsp, 0x28; ret
> 0x0001c173 : mov rsi, [rsp + 0x10]; mov rdi, [rsp + 0x18]; ret
> 0x0002a637 : mov ecx, [rsp + rax*4 + 0x2a7f8]; add rcx, r12; jmp rcx
> 0x000b1e36 : mov rbp, [rsp + 0x10]; mov rsi, [rsp + 0x18]; mov rdi, [rsp + 0x20]; ret
> 0x000b1e37 : mov ebp, [rsp + 0x10]; mov rsi, [rsp + 0x18]; mov rdi, [rsp + 0x20]; ret

© 2014 - 2019 - Powered by ROPEME | Contact