ropshell> use eb2117712755085359e43942352d7523 (download) name : hard_access.exe (x86_64/PE) base address : 0x401000 total gadgets: 545
ropshell> suggest call > 0x00401247 : call rax > 0x0040221c : call rbx > 0x00405731 : call rcx > 0x00401b52 : call rdx > 0x004011de : call rdi jmp > 0x0040150b : jmp rax > 0x0040300f : jmp rcx > 0x004037ab : jmp r8 > 0x00401dc4 : jmp [rax] > 0x00403485 : jmp [rsi + 0x2e] load mem > 0x00402950 : mov ecx, [rbx]; call rbp > 0x00402962 : mov rax, [rbx + 8]; mov rcx, rsi; call rax > 0x00402963 : mov eax, [rbx + 8]; mov rcx, rsi; call rax > 0x00402543 : mov rcx, [rax + 8]; lea rdx, [rbp - 0x30]; mov r8d, 0x30; call r12 > 0x00402544 : mov ecx, [rax + 8]; lea rdx, [rbp - 0x30]; mov r8d, 0x30; call r12 load reg > 0x00401fcf : pop rax; ret > 0x00401ad3 : pop rbx; ret > 0x00402e80 : pop rcx; ret > 0x004019bd : pop rsi; ret > 0x00402c4c : pop rdi; ret pop pop ret > 0x004013dd : pop r12; ret > 0x004058ea : pop r12; pop r13; ret > 0x004022ee : pop r12; pop r13; pop r14; ret > 0x004033f0 : pop r12; pop r13; pop r14; pop r15; ret > 0x004033ef : pop rbp; pop r12; pop r13; pop r14; pop r15; ret sp lifting > 0x004010ec : add rsp, 0x28; ret > 0x004010ec : add rsp, 0x28; ret > 0x00401053 : add rsp, 0x38; ret > 0x00402ffc : add rsp, 0x48; ret > 0x00401fcc : add rsp, 0x58; ret stack pivoting > 0x00401774 : lea rsp, [rbp - 0x10]; pop rbx; pop rsi; pop rbp; ret > 0x00401775 : lea esp, [rbp - 0x10]; pop rbx; pop rsi; pop rbp; ret > 0x004023a7 : mov rsp, rbp; pop rbx; pop rsi; pop rdi; pop r12; pop rbp; ret > 0x004023a8 : mov esp, ebp; pop rbx; pop rsi; pop rdi; pop r12; pop rbp; ret > 0x004015ab : leave ; ret write mem > 0x00405838 : add [rcx], edi; ret > 0x00405ea1 : add [rax + 1], edi; ret > 0x004024e1 : add [rbx], eax; add ecx, [rax - 0x7d]; ret > 0x00402457 : add [rdi], ecx; test [rdi], ecx; add al, [rax]; add [rax - 0x7d], cl; ret > 0x0040526a : add [rbp + 0x19], esi; mov rbx, [rip + 0x9030]; mov ecx, 1; call rbx