ropshell> use cd984a5858bf2e7eb7659219fa540ac9 (download)
name : libc.so.6 (arm/ELF)
base address : 0x17200
total gadgets: 5380
ropshell> suggest "load mem"
> 0x000606ae : ldr r0, [r2]; pop {r4, r5, r6, pc}
> 0x00025f4e : ldr r0, [r1, r3]; bx lr
> 0x000301be : ldr r0, [r3, #0x34]; pop {r4, pc}
> 0x000ace62 : ldr r0, [r4, #4]; pop {r4, r5, r6, pc}
> 0x000ac312 : ldr r0, [r5, #0x3c]; pop {r4, r5, r6, pc}
> 0x00105fae : ldr r3, [r6]; blx r3
> 0x000fdc7e : ldr r4, [r6]; blx r4
> 0x00106012 : ldr r3, [r7]; blx r3
> 0x0006ee92 : ldr r3, [r8]; blx r3
> 0x000df116 : ldr r5, [ip]; blx r5
> 0x0002e772 : ldr r0, [fp]; blx sl
> 0x000c454e : ldr r2, [ip, r2]; blx r5
> 0x000f4376 : ldr r3, [ip, #0xc]; bx r3
> 0x000caf3e : ldr r3, [r1, r2]; str r4, [r3]; pop {r4, r7, pc}
> 0x0005ae2e : ldr r1, [r5, #0x40]; blx r1
> 0x0008fc4a : ldr r2, [r5, r2]; str r3, [r2]; pop {r4, r5, r6, pc}
> 0x000d2486 : ldr r3, [r5, r3]; str r2, [r3]; pop {r4, r5, r6, pc}
> 0x00068dde : ldr r1, [r6, #0x24]; blx r1
> 0x00027aa1 : ldrh r0, [r7, #0x10]; movs r1, r2; pop {r3, r4, r5, r6, pc}
> 0x000f49ae : ldr r2, [r7, #0x29c]; blx r3
> 0x00066fbe : ldr r1, [r8, #0x40]; blx r1
> 0x000677b2 : ldr r1, [sl, #0x40]; blx r1
> 0x000de9f6 : ldr r1, [fp, #-0x88]; blx r3
> 0x00076f8e : ldr r2, [r1]; eor r3, r3, r2; blx r3
> 0x000301ba : ldr r3, [r2]; ldr r0, [r3, #0x34]; pop {r4, pc}
> 0x000fa629 : ldrh r4, [r2, r3]; movs r4, r0; blx lr
> 0x000d7ed6 : ldr r0, [r6, r3]; add sp, sp, #8; pop {r4, r5, r6, pc}
> 0x00027556 : ldr r2, [r6]; eor r3, r3, r2; blx r3
> 0x000f5656 : ldr r6, [ip]; add r2, pc, r2; blx r6
> 0x000fe106 : ldr r4, [lr]; add r2, pc, r2; blx r4
> 0x000f519a : ldr r6, [lr]; add r2, pc, r2; blx r6
> 0x000d1ef6 : ldr r0, [pc, #0x20]; add r0, pc, r0; pop {r4, pc}
> 0x00026682 : ldr r2, [pc, r2]; str r1, [r3, r2]; pop {r4, pc}
> 0x0002bfbe : ldr r3, [pc, r3]; str r1, [r2, r3]; pop {r4, pc}
> 0x000f08c6 : ldr r3, [r4, r3]; str r2, [r3, #8]; pop {r4, pc}
> 0x000fda7e : ldr r5, [r4]; mov r0, r5; add sp, sp, #0x90; pop {r4, r5, r6, pc}
> 0x0006ee8e : ldr r8, [r7, r3]; ldr r3, [r8]; blx r3
> 0x000a06a6 : ldr r2, [sl, #0x14]; mov r0, sb; blx r2
> 0x00019206 : ldr r3, [fp, #-0x40]; mov r0, sb; blx r3
> 0x000451da : ldr r1, [lr, r1]; eor r3, r3, ip; blx r3
> 0x0006f8b5 : ldr r1, [pc, #0x50]; movs r3, r1; blx sb
> 0x0006dea6 : ldr r3, [r0, #0x14]; str r2, [r3, #0x10]; pop {r4, pc}
> 0x000d2482 : ldr r2, [r4]; ldr r3, [r5, r3]; str r2, [r3]; pop {r4, r5, r6, pc}
> 0x0005d7da : ldr r1, [r7, #0x24]; mov r3, r5; mov r0, r4; blx r1
> 0x0002f70a : ldr r2, [fp, r2]; ldr r2, [r2]; eor r3, r3, r2; blx r3
> 0x000fee62 : ldr r3, [lr, #0xc]; str r4, [sp, #0x18]; blx r3
> 0x000c1fa6 : ldr r7, [pc, #0x10]; svc #0; pop {r7}; cmn r0, #0x1000; bxlo lr
> 0x0006018e : ldrne r2, [r3]; addne r1, r2, #4; ldrne r0, [r2]; strne r1, [r3]; pop {r4, r5, r6, pc}
> 0x001019be : ldr r1, [r4, #0x14]; add r5, r1, r5; str r5, [r4, #0x14]; pop {r4, r5, r6, pc}
> 0x00061aca : ldr r3, [sl, #0x48]; add r1, sp, #0x30; mov r0, r4; blx r3
> 0x000fe75e : ldr r7, [ip]; add r2, pc, r2; str lr, [sp, #0x34]; blx r7
> 0x001060ce : ldr r5, [pc, #0x2c]; add r5, pc, r5; ldr r3, [r5]; blx r3
> 0x000602f6 : ldr r1, [r0, #0x5c]; ldr r3, [r1, #0x18]; cmp r3, #0; bxne lr
> 0x00044546 : ldr r2, [r0, #4]; add r2, r2, #1; str r2, [r0, #4]; pop {r4, r5, r6, pc}
> 0x0004fae6 : ldr r5, [r3, ip, lsl #2]; add r3, r8, r2; add r2, r6, r2; blx r5
> 0x00054896 : ldr r8, [r3, ip, lsl #2]; add r3, r5, r2; add r2, r6, r2; blx r8
> 0x0003b76e : ldr lr, [r4, #0x58]; ldr r4, [r4, #0x30]; mov r0, #0; bx lr
> 0x000f09ae : ldr r1, [r2, r3]; str r4, [r2, r3]; str r1, [r4, #0x10]; mov r0, r4; pop {r4, r5, r6, pc}
> 0x00108e9a : ldr r5, [r7, #0x198]; str ip, [sp, #4]; str r8, [sp]; blx r5
> 0x000fa226 : ldr r0, [sl]; ldr r3, [r0, #0x20]; ldr r3, [r3, #0xc]; blx r3
> 0x00105fa2 : ldr r6, [pc, #0x40]; mov r4, r1; add r6, pc, r6; ldr r3, [r6]; blx r3
> 0x000caf36 : ldr ip, [pc, ip]; str r3, [lr, ip]; ldr r3, [r1, r2]; str r4, [r3]; pop {r4, r7, pc}
> 0x00076fe2 : ldr ip, [r0]; add r2, pc, r2; ldr r0, [r2, #0x68]; eor r3, r3, ip; blx r3
> 0x000ed03e : ldr ip, [r7, r1]; add r1, sp, #4; ldr ip, [ip]; eor r3, r3, ip; blx r3
> 0x00023662 : ldr r2, [r8, r2]; ldr r3, [r3, #0xa4]; ldr r2, [r2]; eor r3, r3, r2; blx r3
> 0x00065802 : ldr r1, [r3]; ldr r2, [r3, #0xc]; str r1, [r3, #4]; str r2, [r3, #0x10]; pop {r4, pc}
> 0x00017b9e : ldr ip, [r4, ip]; ldr ip, [ip]; eor r3, r3, ip; add sp, sp, #0x14; pop {r4, r5, lr}; bx r3
> 0x000f50be : ldr r5, [lr]; add r2, pc, r2; str ip, [sp, #0x30]; str ip, [sp, #0x34]; blx r5
> 0x000178fa : ldr r5, [r2, r3]; add r4, pc, r4; ldr r3, [r4, #0xc4]; ldr r2, [r5]; eor r3, r3, r2; blx r3
> 0x0002754a : ldr r6, [r2, r3]; add sl, pc, sl; ldr r3, [sl, #0xa4]; ldr r2, [r6]; eor r3, r3, r2; blx r3
> 0x000fa621 : ldrh r4, [r5, r5]; movs r4, r0; ldrh r0, [r7, r3]; movs r4, r0; ldrh r4, [r2, r3]; movs r4, r0; blx lr
> 0x0009a382 : ldr r2, [lr, r1]; add r3, pc, r3; ldr r3, [r3, #0xc8]; ldr r2, [r2]; eor r3, r3, r2; blx r3
> 0x00023382 : ldr ip, [r3]; mov r0, fp; add sl, pc, sl; str r2, [sp, #8]; str r3, [sp, #4]; eor r1, r1, ip; blx r1
> 0x000ace4e : ldr ip, [r5]; add r4, ip, r4; add r3, r4, #0xc; ldm r3, {r0, r1, r2}; stm r6, {r0, r1, r2}; ldr r0, [r4, #4]; pop {r4, r5, r6, pc}
> 0x00025eae : ldr r4, [pc, r4]; str r0, [lr, r4]; ldr ip, [pc, ip]; str r1, [lr, ip]; ldr r3, [pc, r3]; str r2, [lr, r3]; pop {r4, pc}
> 0x000c9a26 : ldr ip, [r1, #0x30]; ldr r3, [r1, #0x34]; str lr, [r2, #0x54]; str ip, [r2, #0x58]; str r3, [r2, #0x5c]; pop {r4, r5, r6, r7, pc}
> 0x00027546 : ldr sl, [pc, #0x56c]; ldr r6, [r2, r3]; add sl, pc, sl; ldr r3, [sl, #0xa4]; ldr r2, [r6]; eor r3, r3, r2; blx r3
> 0x000ec8ce : ldr lr, [r1, #8]; ldr r1, [r1, #0xc]; str r5, [r3, r2]; str r4, [ip, #4]; str lr, [ip, #8]; str r1, [ip, #0xc]; pop {r4, r5, pc}
> 0x00030dae : ldrh r6, [r3, #0xa]; strh r2, [r1, #0xe]; orr r4, r4, lr, lsl #16; strh ip, [r1, #0xc]; str r6, [r1, #0x14]; str r4, [r1, #0x10]; pop {r4, r5, r6, r7, pc}