ropshell> use daf4439caa84c2ca4f6e1b7b20a89f19 (download) name : ntdll.dll (x86_64/PE) base address : 0x180001000 total gadgets: 6609
ropshell> suggest "load reg" > 0x18000519c : pop rax; ret > 0x180001297 : pop rbx; ret > 0x180084f4d : pop rcx; ret > 0x1800589a6 : pop rdx; ret > 0x18000123e : pop rsi; ret > 0x180001309 : pop rdi; ret > 0x1800010ff : pop rbp; ret > 0x180004369 : pop rsp; ret > 0x180066f6b : pop r8; ret > 0x18008f0d8 : pop r11; ret > 0x180004368 : pop r12; ret > 0x1800045a7 : pop r13; ret > 0x18000333e : pop r14; ret > 0x180008084 : pop r15; ret > 0x18008f0d6 : pop r10; pop r11; ret > 0x18008f0d4 : pop r9; pop r10; pop r11; ret > 0x18002d4ee : mov rbx, [rsp + 0x10]; ret > 0x18007e329 : mov rsi, [rsp + 0x10]; ret > 0x18000832d : mov rdi, [rsp + 0x10]; ret > 0x18002d4ef : mov ebx, [rsp + 0x10]; ret > 0x18007e32a : mov esi, [rsp + 0x10]; ret > 0x18000832e : mov edi, [rsp + 0x10]; ret > 0x1800a6c28 : mov eax, [rsp]; add rsp, 8; ret > 0x18002ec6e : mov rax, [rsp + 0x38]; add rsp, 0x28; ret > 0x1800a50f3 : mov r11, [rsp + 8]; add rsp, 0x10; ret > 0x1800de721 : mov rcx, [rsp + 0x110]; call rax > 0x180077434 : mov r12, [rsp + 0x38]; pop r15; pop r14; pop r13; ret > 0x1800d67b8 : mov r14, [rsp + 0x20]; mov [r10], r9d; ret > 0x1800de722 : mov ecx, [rsp + 0x110]; call rax > 0x180077435 : mov esp, [rsp + 0x38]; pop r15; pop r14; pop r13; ret > 0x180109177 : mov rbp, [rsp + 0x10]; mov rdi, [rsp + 0x18]; ret > 0x1800a4016 : mov r9, [rsp + 0x38]; add rsp, 0x48; jmp rax > 0x180109178 : mov ebp, [rsp + 0x10]; mov rdi, [rsp + 0x18]; ret > 0x1800a50ef : mov r10, [rsp]; mov r11, [rsp + 8]; add rsp, 0x10; ret > 0x1800a50f0 : mov edx, [rsp]; mov r11, [rsp + 8]; add rsp, 0x10; ret > 0x1800a42c8 : mov rdx, [rsp + 0x38]; mov [rsp + 0x48], rdx; add rsp, 0x48; ret > 0x1800a4011 : mov r8, [rsp + 0x30]; mov r9, [rsp + 0x38]; add rsp, 0x48; jmp rax