ROPSHELL 
ropshell> use e38fb6f28da52d90cc3ee7eff3bb025e (download)
name         : stage1 (i386/ELF)
base address : 0x480
total gadgets: 41

ropshell> suggest
call
    > 0x000006fc : call eax
    > 0x0000074d : call edx
    > 0x000006aa : call [eax + 0x51]
    > 0x000005bc : call [esi - 0x18]
jmp
    > 0x000006b8 : push esp; mov ebx, [esp]; ret
load reg
    > 0x0000081b : pop ebp; ret
    > 0x0000081a : pop edi; pop ebp; ret
    > 0x000005f2 : popal ; cld ; ret
    > 0x00000819 : pop esi; pop edi; pop ebp; ret
    > 0x000006ba : mov ebx, [esp]; ret
pop pop ret
    > 0x0000081b : pop ebp; ret
    > 0x0000081a : pop edi; pop ebp; ret
    > 0x00000819 : pop esi; pop edi; pop ebp; ret
    > 0x00000818 : pop ebx; pop esi; pop edi; pop ebp; ret
    > 0x000005ec : pop ecx; pop ebx; pop esi; pop edi; pop ebp; lea esp, [ecx - 4]; ret
stack pivoting
    > 0x000005f1 : lea esp, [ecx - 4]; ret
    > 0x00000701 : leave ; ret

© 2014 - 2019 - Powered by ROPEME | Contact