ROPSHELL 
ropshell> use e52edf9e16b718131ae16fb22514b44c (download)
name         : libc-2.15.so (i386/ELF)
base address : 0x16f70
total gadgets: 15591

ropshell> suggest "stack pivoting"
> 0x000504d8 : xchg eax, esp; ret
> 0x00030d33 : mov esp, ebp; pop ebp; ret
> 0x0002dd1d : mov esp, ecx; jmp edx
> 0x000b6a91 : lea esp, [ebp - 8]; pop ebx; pop esi; pop ebp; ret
> 0x00045713 : lea esp, [ebx + edi*8 - 1]; jmp [esi - 0x41]
> 0x00052e1b : lea esp, [esi + edi*8 - 1]; dec [ebx - 0x1df4b]; jmp [ebp - 0x75]
> 0x0010b97d : xchg esi, esp; add [eax], al; add [ebx - 0xf77d], cl; jmp [ebp - 0x39]
> 0x0013945b : xchg esp, ebx; add al, [eax]; add ebx, [ebx + ecx*4]; jmp ebx
> 0x00103575 : mov esp, edi; mov ebx, [ecx]; mov esi, [ecx + 4]; mov edi, [ecx + 8]; mov ebp, [ecx + 0xc]; jmp edx
> 0x000d958a : mov esp, esp; cmp al, [eax]; add [edi], cl; test [edi + 3], ebx; add [eax], al; mov eax, [ebx + 0xee0]; call [eax]
> 0x00095ad3 : leave ; add eax, ecx; ret

© 2014 - 2019 - Powered by ROPEME | Contact