ROPSHELL 
ropshell> use bf27cb0e70701b1211030c01e1063174 (download)
name         : ntdll.dll (i386/PE)
base address : 0x6a201000
total gadgets: 11361

ropshell> suggest "load reg"
> 0x6a25b5bf : pop eax; ret
> 0x6a2234fd : pop ebx; ret
> 0x6a20c141 : pop ecx; ret
> 0x6a20cae9 : pop edx; ret
> 0x6a222028 : pop esi; ret
> 0x6a228044 : pop edi; ret
> 0x6a21db0a : pop ebp; ret
> 0x6a27ed50 : pop esp; ret
> 0x6a2ef8f6 : popal ; ret
> 0x6a29560b : mov eax, [esp + 4]; ret
> 0x6a2962b6 : mov ecx, [esp + 4]; sub eax, ecx; ret
> 0x6a2a3492 : mov edx, [esp + 0x1c];  cmpxchg8b [ebp]; pop ebp; pop ebx; ret 0x14
> 0x6a2a3591 : mov edi, [esp + 8]; mov ecx, [esp + 0xc]; mov eax, [esp + 0x10]; shr ecx, 2; rep stosd es:[edi], eax; pop edi; ret 0xc

© 2014 - 2019 - Powered by ROPEME | Contact