ROPSHELL 
ropshell> use ed6014c1ccd07eb2ef94913332b01b25 (download)
name         : nginx (x86_64/ELF)
base address : 0x4037c0
total gadgets: 1991

ropshell> suggest "load reg"
> 0x0040391e : pop rbx; ret
> 0x00408372 : pop rsi; ret
> 0x004042ab : pop rdi; ret
> 0x00403889 : pop rbp; ret
> 0x0040397b : pop rsp; ret
> 0x0040397a : pop r12; ret
> 0x00403ba8 : pop r13; ret
> 0x00408371 : pop r14; ret
> 0x004042aa : pop r15; ret
> 0x00425c1e : pop rdx; adc dh, dh; ret
> 0x0040eae6 : pop rax; sbb [rax - 0x77], cl; ret
> 0x0043cc73 : pop rcx; cld ; call [rbx + 0x48]
> 0x004072b9 : mov rax, [rsp + 0x30]; call [rax + 8]
> 0x00421c51 : mov rsi, [rsp + 8]; mov rdi, r14; call r15
> 0x0045c8aa : mov rdi, [rsp + 8]; call [rbx]
> 0x004072ba : mov eax, [rsp + 0x30]; call [rax + 8]
> 0x00421c52 : mov esi, [rsp + 8]; mov rdi, r14; call r15
> 0x0045c8ab : mov edi, [rsp + 8]; call [rbx]
> 0x00426569 : mov rcx, [rsp + 0x10]; mov rsi, [rcx]; mov rdi, r14; call rax
> 0x0042656a : mov ecx, [rsp + 0x10]; mov rsi, [rcx]; mov rdi, r14; call rax
> 0x00438532 : mov rbp, [rsp + 0x20]; mov rsi, r13; mov rdx, rbx; mov rdi, r14; call [rbx + 0x10]
> 0x00438533 : mov ebp, [rsp + 0x20]; mov rsi, r13; mov rdx, rbx; mov rdi, r14; call [rbx + 0x10]
> 0x0043852d : mov rbx, [rsp + 0x10]; mov rbp, [rsp + 0x20]; mov rsi, r13; mov rdx, rbx; mov rdi, r14; call [rbx + 0x10]
> 0x0043852e : mov ebx, [rsp + 0x10]; mov rbp, [rsp + 0x20]; mov rsi, r13; mov rdx, rbx; mov rdi, r14; call [rbx + 0x10]

© 2014 - 2019 - Powered by ROPEME | Contact