ROPSHELL 
ropshell> use c9dba162d90f403aabdda17b56261b0c (download)
name         : 3x17 (x86_64/ELF)
base address : 0x4010d0
total gadgets: 8821

ropshell> suggest "stack pivoting"
> 0x00489da7 : mov rsp, rcx; ret
> 0x0044f62b : xchg eax, esp; ret
> 0x00489da8 : mov esp, ecx; ret
> 0x0047f179 : mov rsp, r8; mov rbp, r9; nop ; jmp rdx
> 0x0047f17a : mov esp, eax; mov rbp, r9; nop ; jmp rdx
> 0x00447ca1 : mov esp, edx; xor esi, esi; call rbp
> 0x00410b24 : lea rsp, [rbp - 0x20]; pop rbx; pop r12; pop r13; pop r14; pop rbp; ret
> 0x00410b25 : lea esp, [rbp - 0x20]; pop rbx; pop r12; pop r13; pop r14; pop rbp; ret
> 0x004684a6 : mov esp, edi; sar r12, 2; mov rdx, r12; call [rax + 0x38]
> 0x00458e72 : lea esp, [rsi + rax]; mov r13, rax; mov rdi, r12; call rbx
> 0x0040f910 : lea esp, [rbx + rax*8 + 8]; nop [rax]; call [rbx]
> 0x00401c4b : leave ; ret

© 2014 - 2019 - Powered by ROPEME | Contact