ROPSHELL 
ropshell> use bb5cbffc096497506167bce1d9690ef2 (download)
name         : ntdll.dll (i386/PE)
base address : 0x7c901000
total gadgets: 6382

ropshell> suggest "stack pivoting"
> 0x7c92c0c8 : xchg eax, esp; ret
> 0x7c971649 : mov esp, ebx; pop ebx; ret
> 0x7c90eb77 : mov esp, ebp; pop ebp; ret
> 0x7c9011a7 : mov esp, esi; pop ebx; pop edi; pop esi; pop ebp; ret 0x10
> 0x7c901117 : lea esp, [esp];  dec [edx + 4]; ret 4
> 0x7c974021 : xchg esp, edx; add [eax], al; add [ebx], bh; ret
> 0x7c91554d : lea esp, [ecx]; or al, [eax]; add [edi - 0x37], bl; ret 0x10
> 0x7c901a3d : mov esp, ecx; mov ecx, [eax]; mov eax, [eax + 4]; push eax; ret
> 0x7c95f3c5 : lea esp, [edi + edi*8 - 1]; call [ecx - 1]
> 0x7c901d16 : leave ; ret

© 2014 - 2019 - Powered by ROPEME | Contact