ROPSHELL 
ropshell> use eb7f3f03dd9f4f19027fa6bb35b7e8a7 (download)
name         : 1.2.9 (i386/ELF)
base address : 0x8048300
total gadgets: 7181

ropshell> suggest
call
    > 0x08048edc : call eax
    > 0x0807fe65 : call ebx
    > 0x0805bfb9 : call ecx
    > 0x0804af5b : call edx
    > 0x0808689e : call esi
jmp
    > 0x0805a569 : push esp; ret
    > 0x0805f65b : jmp eax
    > 0x08050684 : jmp ebx
    > 0x080504cf : jmp ecx
    > 0x0809a71f : jmp edx
load mem
    > 0x0806f950 : movzx eax, [edx]; pop ebx; ret
    > 0x080c22d0 : mov eax, [edx + 0x4c]; ret
    > 0x0808e830 : mov eax, [ecx]; pop ebx; pop esi; ret
    > 0x0806f478 : mov eax, [ecx + 8]; sub eax, edx; ret
    > 0x080c04f4 : mov ecx, [ebp + 0x5e5bf465]; pop edi; pop ebp; ret
load reg
    > 0x080c2356 : pop eax; ret
    > 0x0804cf28 : pop ebx; ret
    > 0x0805733a : pop edx; ret
    > 0x0804a1e7 : pop esi; ret
    > 0x080496c1 : pop edi; ret
pop pop ret
    > 0x080c2356 : pop eax; ret
    > 0x08048e97 : pop ebx; pop ebp; ret
    > 0x0809b295 : pop ebp; pop esi; pop edi; ret
    > 0x0809ae9a : pop eax; pop ebx; pop esi; pop edi; ret
    > 0x0804b554 : pop esp; pop ebx; pop esi; pop edi; pop ebp; ret
sp lifting
    > 0x080ab486 : add esp, 0x10; ret
    > 0x080ab486 : add esp, 0x10; ret
    > 0x0809bfb8 : add esp, 0x20; ret
    > 0x0804a5cc : add esp, 0x3c; ret
    > 0x08056ca0 : add esp, 0x4c; ret
stack pivoting
    > 0x0804a21c : xchg eax, esp; ret
    > 0x080c25c2 : mov esp, ecx; ret
    > 0x0805773d : mov esp, ebp; pop ebp; ret
    > 0x0804904f : lea esp, [ecx - 4]; ret
    > 0x08048845 : lea esp, [ebp - 0xc]; pop ebx; pop esi; pop edi; pop ebp; ret
syscall
    > 0x08057ae0 : int 0x80; ret
write mem
    > 0x080891d2 : add [ecx], eax; ret
    > 0x0804b7a5 : add [ecx], edi; ret
    > 0x08078d31 : add [eax + 0x5f028d02], ecx; ret
    > 0x0807c7d7 : add [eax + 0x39f47503], ebp; ret
    > 0x080bc9c2 : add [ebx + 0x4c8b01ef], eax; ret

© 2014 - 2019 - Powered by ROPEME | Contact