ROPSHELL 
ropshell> use cec1138c17426f9cbc55a984f3f57397 (download)
name         : rop_me_baby.exe (x86_64/PE)
base address : 0x401000
total gadgets: 8472

ropshell> suggest "stack pivoting"
> 0x00415cda : xchg eax, esp; ret
> 0x00411f6a : mov rsp, rbp; pop rbx; pop rsi; pop rdi; pop r12; pop rbp; ret
> 0x00411f6b : mov esp, ebp; pop rbx; pop rsi; pop rdi; pop r12; pop rbp; ret
> 0x00485b41 : lea esp, [rsp + 0x38]; mov rdx, rsi; mov rcx, r12; call rax
> 0x00450b29 : movsxd rsp, ecx; mov rcx, rsi; mov r8, r12; mov rdx, [rbp - 0x48]; call [rax + 0x60]
> 0x00415e35 : leave ; add eax, ecx; ret

© 2014 - 2019 - Powered by ROPEME | Contact