ROPSHELL 
ropshell> use c4c5a8bc37f8f72a737edf5c0228617d (download)
name         : stage1 (i386/ELF)
base address : 0x440
total gadgets: 48

ropshell> suggest
call
    > 0x00000596 : call [edx - 0x77]; ret
    > 0x000004bc : call eax
    > 0x0000050d : call edx
    > 0x00000462 : call [eax + 0x51]
jmp
    > 0x00000470 : push esp; mov ebx, [esp]; ret
load reg
    > 0x0000067b : pop ebp; ret
    > 0x0000067a : pop edi; pop ebp; ret
    > 0x00000611 : popal ; cld ; ret
    > 0x00000679 : pop esi; pop edi; pop ebp; ret
    > 0x00000614 : mov eax, [esp]; ret
pop pop ret
    > 0x0000067b : pop ebp; ret
    > 0x0000067a : pop edi; pop ebp; ret
    > 0x00000679 : pop esi; pop edi; pop ebp; ret
    > 0x00000678 : pop ebx; pop esi; pop edi; pop ebp; ret
stack pivoting
    > 0x00000610 : lea esp, [ecx - 4]; ret
    > 0x0000060a : lea esp, [ebp - 8]; pop ecx; pop ebx; pop ebp; lea esp, [ecx - 4]; ret
    > 0x000004c1 : leave ; ret

© 2014 - 2019 - Powered by ROPEME | Contact