ROPSHELL 
ropshell> use d7c7e50f2d5d32b260ed380c475fc37f (download)
name         : ntdll.dll (i386/PE)
base address : 0x4b281000
total gadgets: 12633

ropshell> suggest "load reg"
> 0x4b2ec4d2 : pop eax; ret
> 0x4b2a7df8 : pop ebx; ret
> 0x4b29d281 : pop ecx; ret
> 0x4b29dc29 : pop edx; ret
> 0x4b2a824d : pop esi; ret
> 0x4b2ad3a6 : pop edi; ret
> 0x4b2a1e5a : pop ebp; ret
> 0x4b3151c7 : pop esp; ret
> 0x4b3656a3 : popal ; ret
> 0x4b2f7c0b : mov eax, [esp + 4]; ret
> 0x4b2f89b6 : mov ecx, [esp + 4]; sub eax, ecx; ret
> 0x4b307012 : mov edx, [esp + 0x1c];  cmpxchg8b [ebp]; pop ebp; pop ebx; ret 0x14
> 0x4b306a61 : mov edi, [esp + 8]; mov ecx, [esp + 0xc]; mov eax, [esp + 0x10]; shr ecx, 2; rep stosd es:[edi], eax; pop edi; ret 0xc

© 2014 - 2019 - Powered by ROPEME | Contact