ropshell> use cd984a5858bf2e7eb7659219fa540ac9 (download)
name         : libc.so.6 (arm/ELF)
base address : 0x17200
total gadgets: 5380

ropshell> suggest "write mem"
> 0x00063536 : str r2, [r0]; pop {r4, r5, r7, pc}
> 0x00101cd2 : str r5, [r0]; pop {r4, r5, r6, pc}
> 0x0001728e : str r0, [r1]; pop {r4, r5, r6, pc}
> 0x000640ca : str r3, [r1]; pop {r4, pc}
> 0x0002cd06 : str r5, [r1]; pop {r4, r5, r6, pc}
> 0x0007846e : str lr, [r1]; pop {r4, pc}
> 0x000d08b2 : str r0, [r2]; pop {r4, r5, r6, r7, pc}
> 0x0003de16 : str r3, [r2]; pop {r4, pc}
> 0x0005e65e : str r5, [r2]; pop {r4, r5, r6, pc}
> 0x000ccafa : str r0, [r3]; pop {r4, pc}
> 0x0005fec6 : str r1, [r3]; pop {r4, pc}
> 0x0006ca7a : str r2, [r3]; pop {r4, pc}
> 0x000d49c6 : str r4, [r3]; pop {r4, pc}
> 0x000ddb8e : str r6, [r3]; pop {r4, r5, r6, pc}
> 0x000f4daa : str r0, [r4]; pop {r4, pc}
> 0x000603f2 : str r1, [r4]; pop {r4, pc}
> 0x0002ce96 : str r2, [r4]; pop {r4, r5, r6, pc}
> 0x0006bb42 : str r3, [r4]; pop {r4, pc}
> 0x000c6396 : str r5, [r4]; pop {r4, r5, r6, pc}
> 0x0004a742 : str r1, [r5]; pop {r4, r5, r6, pc}
> 0x000bca86 : str r3, [r5]; pop {r4, r5, r6, pc}
> 0x000ebbc6 : str r4, [r5]; pop {r4, r5, r6, pc}
> 0x000bca52 : str ip, [r5]; pop {r4, r5, r6, pc}
> 0x0002caf6 : str r3, [r6]; pop {r4, r5, r6, pc}
> 0x00079c8a : str r4, [r6]; pop {r4, r5, r6, pc}
> 0x0007dca2 : str lr, [r6]; pop {r4, r5, r6, pc}
> 0x0002bfc2 : str r1, [r2, r3]; pop {r4, pc}
> 0x0004a79e : strne r6, [r2, r5]; pop {r4, r5, r6, pc}
> 0x000c72f6 : str r6, [r4, r3]; pop {r4, r5, r6, pc}
> 0x000fe9ba : strne r0, [r5, r3]; pop {r4, r5, r6, pc}
> 0x000fe8ee : str r2, [r5, r3]; pop {r4, r5, r6, pc}
> 0x000eabae : str r6, [r5, r3]; pop {r4, r5, r6, pc}
> 0x00025ec2 : str r2, [lr, r3]; pop {r4, pc}
> 0x000fe95a : str r3, [r0, #0xc4]; pop {r4, r5, r6, pc}
> 0x000787c2 : str lr, [r0, #-4]; pop {r4, r5, r6, pc}
> 0x00030dc2 : str r4, [r1, #0x10]; pop {r4, r5, r6, r7, pc}
> 0x001098da : str ip, [r3, #0x10]; pop {r4, pc}
> 0x000f6e9e : str ip, [r6, #0x34]; pop {r4, r5, r6, pc}
> 0x000ec8e2 : str r1, [ip, #0xc]; pop {r4, r5, pc}
> 0x000d0902 : strge r2, [ip, #4]; pop {r4, r5, r6, r7, pc}
> 0x000febba : strh r3, [ip, #4]; pop {r4, r5, r6, pc}
> 0x000fcc0a : str ip, [r0, #0x38]!; bx r3
> 0x0003ddc2 : str ip, [r2]; mov r0, #2; pop {r4, pc}
> 0x0003c9c6 : str ip, [r7, r2, lsl #2]; pop {r4, r5, r6, r7, pc}
> 0x000a9102 : str lr, [r4, #0x20]; mov r0, r5; pop {r4, r5, r6, pc}
> 0x0002cce6 : str r0, [r6]; and r0, r0, #0x80000000; pop {r4, r5, r6, pc}
> 0x00038c22 : strne r5, [r6]; add sp, sp, #0x10; pop {r4, r5, r6, pc}
> 0x0002d76e : str r3, [r7]; add sp, sp, #0x84; pop {r4, r5, r6, r7, pc}
> 0x000de936 : str r3, [fp, #-0x40]; blx r4
> 0x00068e06 : str r7, [r5, r3]; add sp, sp, #0xc; pop {r4, r5, r6, r7, pc}
> 0x000e2bc2 : str lr, [r5, r3]; add sp, sp, #8; pop {r4, r5, r7, pc}
> 0x0009dc36 : str r7, [r6, r3]; add sp, sp, #0xc; pop {r4, r5, r6, r7, pc}
> 0x000febb6 : str r4, [ip]; strh r3, [ip, #4]; pop {r4, r5, r6, pc}
> 0x0009abd2 : str lr, [ip, r3]; add sp, sp, #0x10; pop {r4, r5, r7, pc}
> 0x0009a476 : str r6, [lr, r3]; add sp, sp, #0xc; pop {r4, r5, r6, r7, pc}
> 0x00043d76 : str r0, [ip]; mov r0, r4; add sp, sp, #0x24; pop {r4, r5, pc}
> 0x000c9bfa : str r2, [r1, #0x28]; str r3, [r1, #0x24]; pop {r4, r5, r6, pc}
> 0x00030dbe : str r6, [r1, #0x14]; str r4, [r1, #0x10]; pop {r4, r5, r6, r7, pc}
> 0x00109446 : str lr, [r2, r3]; mov r0, r4; add sp, sp, #0x1a8; pop {r4, pc}
> 0x001098d6 : str lr, [r3, #0xc]; str ip, [r3, #0x10]; pop {r4, pc}
> 0x000f6e9a : str r1, [r6, #0x2c]; str ip, [r6, #0x34]; pop {r4, r5, r6, pc}
> 0x000d08fe : strlt r5, [ip, #8]; strge r2, [ip, #4]; pop {r4, r5, r6, r7, pc}
> 0x001060ae : str r7, [ip]; pop {r4, r5, r6, r7, r8, lr}; bx r3
> 0x0003ddbe : str r1, [r0, #4]; str ip, [r2]; mov r0, #2; pop {r4, pc}
> 0x000624ba : str ip, [r1, r2]; str r3, [r4]; add sp, sp, #0x1c; pop {r4, r5, r6, r7, pc}
> 0x000f09b2 : str r4, [r2, r3]; str r1, [r4, #0x10]; mov r0, r4; pop {r4, r5, r6, pc}
> 0x000f0e5e : str r2, [r6, r5, lsl #2]; str r3, [r4, #0xc]; pop {r4, r5, r6, pc}
> 0x000caf3a : str r3, [lr, ip]; ldr r3, [r1, r2]; str r4, [r3]; pop {r4, r7, pc}
> 0x000aa282 : strne r4, [r0]; ldr r0, [sp, #4]; add sp, sp, #0xc; pop {r4, r5, pc}
> 0x000bc90a : str r5, [r3, r1, lsl #2]; str ip, [r3, r2, lsl #2]; pop {r4, r5, r6, pc}
> 0x000ffd56 : str r8, [r5, #8]; ldr r3, [r3, #0x14]; blx r3
> 0x0006f90d : str r4, [r7, r6]; movs r3, r1; adcs r0, r3; movs r3, r1; blx fp
> 0x000ffb36 : str r5, [r7, #8]; ldr r3, [r3, #0x14]; blx r3
> 0x000de9f2 : str r1, [fp, #-0x4c]; ldr r1, [fp, #-0x88]; blx r3
> 0x000de66e : str lr, [fp, #-0x44]; str ip, [fp, #-0x4c]; blx r3
> 0x00025eba : str r1, [lr, ip]; ldr r3, [pc, r3]; str r2, [lr, r3]; pop {r4, pc}
> 0x000fb4b6 : strge ip, [r4, #0x38]; strge r2, [r4, #0x34]; add sp, sp, #0x14; pop {r4, r5, r6, r7, pc}
> 0x000fe782 : streq r3, [r8]; ldr r3, [r5, #4]; mov r0, r5; ldr r3, [r3, #0x10]; blx r3
> 0x0010cab2 : str ip, [lr]; ldr r3, [r3, r2]; add r4, r4, r1; str r4, [r3]; add sp, sp, #0x10; pop {r4, pc}
> 0x000a85f6 : str r6, [r0]; mov r0, #1; ldr r3, [r4, #4]; add r3, r3, r0; str r3, [r4, #4]; pop {r4, r5, r6, pc}
> 0x000e0d02 : str r2, [r7, r3, lsl #2]; ldr r2, [r4]; orr r3, r5, r2; str r3, [r4]; add sp, sp, #0xc; pop {r4, r5, r6, r7, pc}
> 0x000de666 : str r0, [fp, #-0x40]; mov r0, sl; str lr, [fp, #-0x44]; str ip, [fp, #-0x4c]; blx r3
> 0x00025eb2 : str r0, [lr, r4]; ldr ip, [pc, ip]; str r1, [lr, ip]; ldr r3, [pc, r3]; str r2, [lr, r3]; pop {r4, pc}