ropshell> use f368514b12955a07b9e3748f75661050 (download) name : exploit2.bin (x86_64/ELF) base address : 0x4011b0 total gadgets: 7260
ropshell> suggest call > 0x0040270e : call rax > 0x00450106 : call rbx > 0x0049cca6 : call rcx > 0x004101fb : call rdx > 0x0045845e : call rsi jmp > 0x00425b79 : push rsp; ret > 0x00401c28 : jmp rax > 0x00408e7d : jmp rbx > 0x004029a7 : jmp rcx > 0x0040eb31 : jmp rdx load mem > 0x00498d72 : mov eax, [rcx]; ret > 0x00421cb4 : mov rax, [rdi + 0x68]; ret > 0x00421cb5 : mov eax, [rdi + 0x68]; ret > 0x0042c6c3 : movzx eax, [rdi]; sub eax, ecx; ret > 0x00432df3 : movzx ecx, [rsi]; sub eax, ecx; ret load reg > 0x00451fd7 : pop rax; ret > 0x004020cb : pop rbx; ret > 0x004017ef : pop rdx; ret > 0x0040f30e : pop rsi; ret > 0x004018e2 : pop rdi; ret pop pop ret > 0x004031df : pop r12; ret > 0x00419d86 : pop r12; pop r13; ret > 0x0040f309 : pop r12; pop r13; pop r14; ret > 0x004018db : pop r12; pop r13; pop r14; pop r15; ret > 0x00403604 : pop r12; pop r13; pop r14; pop r15; pop rbp; ret sp lifting > 0x0040f551 : add rsp, 0x118; ret > 0x0040f551 : add rsp, 0x118; ret > 0x004512dd : add rsp, 0x28; ret > 0x0048fb82 : add rsp, 0x38; ret > 0x00451fd4 : add rsp, 0x58; ret stack pivoting > 0x00404da1 : xchg eax, esp; ret > 0x004aec54 : mov rsp, rcx; pop rcx; jmp rcx > 0x004aec55 : mov esp, ecx; pop rcx; jmp rcx > 0x0049ce2b : mov rsp, r8; mov rbp, r9; nop ; jmp rdx > 0x0049ce2c : mov esp, eax; mov rbp, r9; nop ; jmp rdx syscall > 0x0041f5c4 : syscall ; ret write mem > 0x0044e7bc : adc [rbx], eax; ret > 0x0047be2b : add [rcx], eax; ret > 0x00496ae6 : adc [rax + 0x39], ecx; ret > 0x00452ef5 : add [rbx + 0x94901e0], eax; ret > 0x0043f6ba : adc [rcx + 7], rdi; ret