ROPSHELL 
ropshell> use dcd07bd721866f29fc3a1162b4dae60d (download)
name         : empty_spaces (x86_64/ELF)
base address : 0x401180
total gadgets: 6314

ropshell> suggest
call
    > 0x00401ed6 : call rax
    > 0x00455d0b : call rbx
    > 0x0040bb4e : call rcx
    > 0x0042ed4c : call rdx
    > 0x004587a9 : call rsi
jmp
    > 0x004196eb : push rsp; ret
    > 0x0040181c : jmp rax
    > 0x0045d94d : jmp rbx
    > 0x00415dd4 : jmp rcx
    > 0x00415e36 : jmp rdx
load mem
    > 0x0041f242 : mov eax, [rcx]; ret
    > 0x0040ae64 : mov rax, [rdi + 0x68]; ret
    > 0x0040ae65 : mov eax, [rdi + 0x68]; ret
    > 0x0043f3c9 : mov eax, [rdx]; pop r12; pop rbp; ret
    > 0x00445865 : movzx eax, [rdi]; sub eax, ecx; ret
load reg
    > 0x0042146b : pop rax; ret
    > 0x00471a37 : pop rbx; ret
    > 0x00477d3d : pop rsi; ret
    > 0x004787b3 : pop rdi; ret
    > 0x0040177a : pop rbp; ret
pop pop ret
    > 0x0047ce09 : pop r12; ret
    > 0x0047a323 : pop r12; pop r13; ret
    > 0x00477d38 : pop r12; pop r13; pop r14; ret
    > 0x004787ac : pop r12; pop r13; pop r14; pop r15; ret
    > 0x00402161 : pop r12; pop r13; pop r14; pop r15; pop rbp; ret
sp lifting
    > 0x00477a45 : add rsp, 0x18; ret
    > 0x00477a45 : add rsp, 0x18; ret
    > 0x0047a88e : add rsp, 0x28; ret
    > 0x004773da : add rsp, 0x38; ret
stack pivoting
    > 0x00401910 : mov rsp, rsi; ret
    > 0x0042099a : xchg eax, esp; ret
    > 0x00401911 : mov esp, esi; ret
    > 0x0043a0fe : lea esp, [rax - 0x7600000a]; ret
    > 0x0047ad59 : mov rsp, rcx; pop rcx; jmp rcx
syscall
    > 0x0040ba76 : syscall ; ret
write mem
    > 0x0043e938 : adc [rax], ecx; ret
    > 0x004158cc : adc [rcx], eax; ret
    > 0x00417712 : adc [rdi], eax; ret
    > 0x0040943b : add [rax + 0x39], ecx; ret
    > 0x00415e6f : adc [rax + 0x30], edi; ret

© 2014 - 2019 - Powered by ROPEME | Contact