ropshell> use cd602bfcce93143c096d0c76c31c8a51 (download)
name         : Dumped_test.exe (i386/PE)
base address : 0x401000
total gadgets: 44609
ropshell> suggest "load mem"
> 0x004794fb : mov eax, [ecx]; ret
> 0x005cdb8c : mov eax, [edx]; ret
> 0x005805c8 : mov eax, [esi]; pop esi; ret
> 0x0054d7eb : mov eax, [ecx + 0x12c]; ret
> 0x005cdb6c : mov eax, [edx + 0x128]; ret
> 0x0047ce0c : mov eax, [esi + 0x2b4]; ret
> 0x005c713d : mov edx, [ecx + 0x6427d8c]; ret
> 0x0067b203 : mov eax, [ebp + 0xc]; pop ebp; ret
> 0x006286f3 : mov ecx, [eax + 0x18]; call edx; ret 4
> 0x004dfce4 : mov ecx, [eax]; mov eax, [ecx]; ret
> 0x004f30aa : mov edx, [eax]; mov [ecx], edx; ret
> 0x004bd5c3 : mov edx, [ecx]; lea eax, [0]; ret 0x8b
> 0x00628d65 : mov edx, [eax + 0x10]; jmp edx
> 0x0065b78f : mov ebp, [ebx + 0x20]; jmp eax
> 0x00462a8d : mov eax, [edi]; pop edi; pop esi; pop ebp; pop ebx; ret
> 0x004a8b1b : mov ecx, [edx]; jmp [0]
> 0x0045eadf : mov eax, [edi + 0x190]; call eax
> 0x0060b2d4 : mov ebx, [edi + 0x5e]; pop ebp; pop ebx; pop ecx; ret
> 0x0045155d : mov ecx, [ebx + 0x1b4]; call ecx
> 0x004592d9 : mov ecx, [edx + 0x148]; call ecx
> 0x0042a98b : mov ecx, [edi + 0x2c]; call ecx
> 0x00458a7f : mov edx, [esi + 0x190]; call edx
> 0x00427af3 : mov ecx, [ebx]; push eax; push ecx; call ebp
> 0x00427b0a : mov ecx, [esi]; push eax; push ecx; call ebp
> 0x005b7b16 : mov ecx, [edi]; push ebx; push ecx; call ebp
> 0x004c9176 : mov edx, [esi]; add [ebx + 0x5e5f08c4], al; pop ebx; ret
> 0x0046b2d3 : mov edx, [edi]; push esi; push edx; call eax
> 0x004277c8 : mov edx, [ebp]; push ecx; push edx; call ebx
> 0x005ba4df : movzx eax, [ebx + 0x5ba870]; jmp [0]
> 0x0042df05 : mov ecx, [esi + 0x44c]; push ecx; call edx
> 0x00632c8c : mov ecx, [ebp + 0x48]; push eax; call ecx
> 0x0061abaf : movzx edx, [edi + 0x40]; mov [esi + 0x40], dx; ret
> 0x006056b5 : mov esi, [eax + 4]; push eax; call edi
> 0x00526c61 : mov ebp, [eax]; cmc ; call [eax - 0x18]
> 0x0053a7a1 : mov ebx, [ecx + eax]; add [ecx + 0x5d78a944], cl; pop ebx; ret
> 0x005de901 : mov edx, [ebx + 0x24]; push eax; push ecx; call edx
> 0x006340ce : mov edx, [ebp + 8]; push eax; push ecx; call edx
> 0x0065c32a : mov edi, [esi + 0xc]; and edi, 0x7fff; call ebx
> 0x0044e7d2 : mov eax, [ebx]; mov ecx, [eax + 0x18]; call ecx
> 0x004b329a : mov eax, [ebp]; mov [esi + 0x1c], eax; pop ebp; pop edi; pop esi; pop ebx; ret
> 0x00465086 : mov edx, [ebx]; mov eax, [eax + 0x8297c]; push ecx; push edx; call eax
> 0x0045eada : mov edi, [eax]; push 1; push eax; mov eax, [edi + 0x190]; call eax
> 0x0045e84f : mov edi, [edx]; mov ecx, [edi + 0x190]; push 0; push edx; call ecx
> 0x0065b559 : mov ebx, [ebp + 0xc]; mov ebp, [ebp - 4]; mov esp, [ebx - 4]; jmp eax
> 0x004ce133 : mov esi, [edi + ecx]; mov edx, esi; pop esi; mov eax, ebx; pop ebx; add esp, 8; ret
> 0x00451558 : mov ebx, [ecx]; push edx; push eax; push ecx; mov ecx, [ebx + 0x1b4]; call ecx
> 0x00456597 : mov ebx, [edi]; mov ecx, [ebx + 0x190]; push edx; push 0; push edi; call ecx
> 0x00458a79 : mov esi, [edx]; push ecx; push 0; push edx; mov edx, [esi + 0x190]; call edx
> 0x00577582 : mov esi, [edi]; push esi; mov eax, esi; or eax, ebx; push eax; push edi; call ebp
> 0x0041895c : mov edi, [esi]; push 1; push edx; push eax; mov eax, [ecx + 0x28]; call eax
> 0x0066a81b : mov esi, [edx + esi]; mov ecx, [esi + ecx]; add ecx, edx; add eax, ecx; pop esi; ret
> 0x005fa192 : mov edi, [eax + 0x20]; push eax; mov eax, [edx + 0x14]; mov ecx, esi; call eax
> 0x00627872 : mov esi, [ebp]; lea eax, [esp + 0x14]; push eax; mov ecx, ebx; add esi, 0x68; call edx
> 0x005436d4 : mov edi, [ebx]; pushfd ; and al, -0x74; add [eax], al; add [edi], cl; xchg [ebp - 0x7d000000], al; ret
> 0x00627626 : mov esi, [ecx + 0x94]; mov ecx, [ecx + 0x90]; push esi; push ecx; mov ecx, eax; call edx
> 0x00442a98 : mov edi, [ebp + 0x14]; mov eax, [edi]; push eax; lea eax, [esi + 0x41910]; push eax; call ebx
> 0x005f9c6f : mov edi, [ebx + 4]; lea eax, [esi + esi*4 - 0xf]; mov ecx, [eax*4 + 0x65de414]; push edi; call ecx
> 0x0045d8b0 : mov ecx, [ebp]; mov [ebp + 4], eax; mov edx, [ecx]; push eax; mov eax, [edx + 0x1a0]; push ecx; call eax
> 0x005f9c6b : mov esi, [ebp + 4]; push edi; mov edi, [ebx + 4]; lea eax, [esi + esi*4 - 0xf]; mov ecx, [eax*4 + 0x65de414]; push edi; call ecx