ROPSHELL 
ropshell> use ddfdc0ca6fbb9372402f9e6cb0ed1097 (download)
name         : ntdll.dll (x86_64/PE)
base address : 0x78e51000
total gadgets: 12000

ropshell> suggest "stack pivoting"
> 0x78ee150a : xchg eax, esp; ret
> 0x78e62ad8 : mov rsp, r11; pop r12; ret
> 0x78e62ad9 : mov esp, ebx; pop r12; ret
> 0x78f0278e : lea rsp, [rbp + 0x10]; pop rbp; ret
> 0x78eb2179 : push rcx; pop rsp; call rax
> 0x78f0278f : lea esp, [rbp + 0x10]; pop rbp; ret
> 0x78eac29a : mov esp, ebp; wait ; std ; jmp [rbp + 0x48]
> 0x78f01b4f : lea esp, [rbx + 1]; add [rax + 0x489000eb], dl; add esp, 0x38; ret
> 0x78ec45a5 : leave ; cmovns eax, ecx; ret

© 2014 - 2019 - Powered by ROPEME | Contact