ROPSHELL 
ropshell> use eea9a33878d43970747c24ed9c7801cb (download)
name         : ntdll.dll (x86_64/PE)
base address : 0x180001000
total gadgets: 6376

ropshell> suggest "write mem"
> 0x18007f457 : add [rbx], edi; ret
> 0x18007796d : add [rdi], ecx; ret
> 0x18007796c : add [r15], ecx; ret
> 0x18007122a : add [rax + 1], edi; ret
> 0x18006c406 : add [rbx + 0x27401f8], eax; ret
> 0x18010fe67 : adc [rcx + 0x23], eax; ret
> 0x18005245f : adc [rdx + 0x10], ecx; ret
> 0x1800f211d : adc [rbp + 0x3b], ecx; ret
> 0x180012c79 : adc [rbp + 2], esi; ret
> 0x18005b748 : adc [rdx], eax; add rsp, 0x38; ret
> 0x18005b7b2 : adc [rdx], ecx; add rsp, 0x38; ret
> 0x1800f7f17 : add [rax], ebx; bt eax, ecx; setb al; ret
> 0x1800a4063 : adc [rbx], ecx; movaps xmm[rcx - 0x10], xmm0; ret
> 0x1800fe8fa : add [rdx], esi; ror [rax - 0x7d], 0xc4; ret
> 0x1800a3f30 : adc [rcx], eax; movups xmm[rcx + r8 - 0x10], xmm1; ret
> 0x18007e750 : add [rbx + 3], esi; mov [rcx], r8d; ret
> 0x18006e192 : add [r13 + 0x88504], ecx; add [rax], al; ret
> 0x1800a5349 : add [rbx], eax; add [rax + 0x20c48348], dl; pop rbp; ret
> 0x1800a5325 : add [r11], eax; add [rax + 0x50c48348], dl; pop rbp; ret
> 0x1800a3f31 : add [rdx + 0xf], eax; adc [rcx + rax - 0x10], ecx; ret
> 0x18007ba63 : adc [rdi + 0xa], esi; add [rax + 3], cl; ret
> 0x1800a9e67 : add [rsi], eax; add [rax - 0x9ed6c17], dl; jmp [rbp + 0x48]
> 0x1800679a5 : add [rdx + 0xa], esi; xor eax, eax; cmp [rcx], r8d; seta al; ret
> 0x18004634f : add [rbp + 0x10890fc0], eax; sbb eax, [rdi]; add bh, dh; fdivr [rbx]; ret
> 0x180084e15 : add [rsi], ebp; xor [rbp - 0x78], al; push rsp; or eax, [rbx]; mov eax, r10d; add rsp, 0x28; ret
> 0x18004007c : add [rbx + 0x2418902], ecx; movzx eax, [rdx + 4]; mov [rcx + 6], ax; xor eax, eax; ret
> 0x1800e9e14 : add [rcx], edi; add dh, [rdx + 8]; mov al, [rdx]; mov [rcx], al; xor eax, eax; ret
> 0x18005266c : add [rbx], ebp; rol [rcx - 0x77], 1; add cl, [rbx + 0x5c8b48c2]; and al, 8; mov rsi, [rsp + 0x10]; ret
> 0x18005266b : add [r11], ebp; rol [rcx - 0x77], 1; add cl, [rbx + 0x5c8b48c2]; and al, 8; mov rsi, [rsp + 0x10]; ret
> 0x18008caed : add [rcx + 0x46894101], esi; mov r8d, [rbx + rdx*8 + 0xc]; mov rdx, r13; add r8, r15; call r8
> 0x1800045f8 : add [rax + 0xf], ecx; scasd eax, [rdi]; ror [rax - 0x3f], -0x18; cmp bh, dh; fmul [rax - 0x68];  xadd [r10 + 0x30], rax; ret
> 0x180008d1b : add [rcx + 0x18], rax; mov eax, [rcx + 0x10]; mov [rcx + rax*8 + 0x20], r8; mov eax, edx; inc [rcx + 0x10]; ret

© 2014 - 2019 - Powered by ROPEME | Contact