ROPSHELL 
ropshell> use d924c371dec38ef931be57fae9b57aae (download)
name         : ntdll.dll (i386/PE)
base address : 0x6a201000
total gadgets: 9150

ropshell> suggest "load reg"
> 0x6a266ceb : pop eax; ret
> 0x6a2165be : pop ebx; ret
> 0x6a211251 : pop ecx; ret
> 0x6a20a310 : pop edx; ret
> 0x6a213bb8 : pop esi; ret
> 0x6a21dc9d : pop edi; ret
> 0x6a20d3fa : pop ebp; ret
> 0x6a2c9c2b : popal ; ret
> 0x6a2b6958 : pop esp; pop esi; pop ebp; ret 0x10
> 0x6a270b3b : mov eax, [esp + 4]; ret
> 0x6a271686 : mov ecx, [esp + 4]; sub eax, ecx; ret
> 0x6a27dea2 : mov edx, [esp + 0x1c];  cmpxchg8b [ebp]; pop ebp; pop ebx; ret 0x14
> 0x6a27dff1 : mov edi, [esp + 8]; mov ecx, [esp + 0xc]; mov eax, [esp + 0x10]; shr ecx, 2; rep stosd es:[edi], eax; pop edi; ret 0xc

© 2014 - 2019 - Powered by ROPEME | Contact