ROPSHELL 
ropshell> use e5d432e9bceb5cb71b71258f1046dd67 (download)
name         : qwet.exe (i386/RAW)
base address : 0x0
total gadgets: 3245

ropshell> suggest
call
    > 0x00008a15 : call eax
    > 0x0000174d : call ebx
    > 0x00004e31 : call ecx
    > 0x00000df1 : call esi
    > 0x00001917 : call edi
jmp
    > 0x00009176 : push esp; ret
    > 0x000073d5 : jmp eax
    > 0x00024948 : jmp ebx
    > 0x00019cdb : jmp ecx
    > 0x00025135 : jmp edx
load mem
    > 0x000147f4 : mov eax, [edx + 4]; ret
    > 0x0001600d : mov eax, [ebp + 0xc]; pop ebp; ret
    > 0x00008dcf : mov ebp, [ebx + 0x20]; jmp eax
    > 0x00003fbf : mov eax, [esi]; pop esi; mov esp, ebp; pop ebp; ret
    > 0x00062149 : mov edx, [ebx]; jmp [eax + 0x72]
load reg
    > 0x00019dd7 : pop eax; ret
    > 0x00003ad0 : pop ebx; ret
    > 0x00000414 : pop ecx; ret
    > 0x00013d2e : pop edx; ret
    > 0x00002eee : pop esi; ret
pop pop ret
    > 0x00019dd7 : pop eax; ret
    > 0x0000a41e : pop eax; pop ebp; ret
    > 0x0000dcf1 : pop ebx; pop edi; pop ebp; ret
    > 0x0000d9d5 : pop eax; pop edi; pop esi; pop ebp; ret
    > 0x0000e339 : pop ecx; pop edi; pop ebx; pop esi; pop ebp; ret
sp lifting
    > 0x0000dbda : add esp, 0x10; ret
    > 0x0000dbda : add esp, 0x10; ret
stack pivoting
    > 0x00009c90 : xchg eax, esp; ret
    > 0x000150f6 : mov esp, ebx; pop ebx; ret
    > 0x00000700 : mov esp, ebp; pop ebp; ret
    > 0x000047f3 : lea esp, [ebp + edi*8 - 1]; call [ecx - 1]
    > 0x00004e54 : lea esp, [esp + edi*8 - 1]; dec [ebp - 0x33f7b]; call [eax - 1]
write mem
    > 0x0000696a : add [eax], ebp; ret 0x41
    > 0x000142b0 : adc [edx], eax; ret
    > 0x0000459d : add [ebx + 0x3b6602c1], eax; ret
    > 0x00008cea : add [esi + 0x5d], ebx; ret
    > 0x00024c08 : adc [ebx], edx; mov bh, 6; ret

© 2014 - 2019 - Powered by ROPEME | Contact