Free Online ROP Gadgets Search

ropshell> use da9506e800e13da0abba32bb0c105382 (download)
name         : xinput1_3.dll (i386/PE)
base address : 0x401000
total gadgets: 1193

ropshell> suggest "load mem"
> 0x00407df3 : mov ebp, [ebx + 0x20]; jmp eax
> 0x0040d2c4 : mov ecx, [eax]; mov eax, [eax + 4]; push eax; ret
> 0x00407886 : mov eax, [ebp + 0xc]; pop edi; pop esi; pop ebx; pop ebp; ret 0xc
> 0x00407f04 : mov eax, [edx + 4]; mov [ecx + 4], eax; pop ebp; ret
> 0x0040901f : mov ecx, [esi + ecx]; add ecx, edx; add eax, ecx; pop esi; ret
> 0x004048e1 : mov eax, [edx]; mov ecx, [ebp - 0x30]; push ecx; call [eax + 0xc]
> 0x004049c6 : mov edx, [ecx]; mov eax, [ebp - 0x18]; push eax; call [edx + 0xc]
> 0x0040bf32 : mov eax, [ecx + 8]; and [ecx + 4], 0; mov [ecx], eax; pop ebp; ret
> 0x00407b82 : mov ebx, [ebp + 0xc]; mov esp, [ebx - 4]; mov ebp, [ebp - 4]; jmp eax
> 0x00404dd1 : mov edx, [ebp + 8]; mov [edx], 0; mov eax, [ebp - 4]; mov esp, ebp; pop ebp; ret 0x10
> 0x0040901c : mov esi, [edx + esi]; mov ecx, [esi + ecx]; add ecx, edx; add eax, ecx; pop esi; ret
> 0x00403980 : mov ecx, [ebp + 0x10]; push ecx; mov edx, [ebp - 4]; push edx; call [ebp + 0xc]
> 0x00407b77 : mov eax, [ebx]; mov fs:[0], eax; mov eax, [ebp + 8]; mov ebx, [ebp + 0xc]; mov esp, [ebx - 4]; mov ebp, [ebp - 4]; jmp eax