ropshell> use f3bdaf1c0473bf2f21ce95a575116f61 (download)
name         : AntAPI.dll (i386/PE)
base address : 0x10001000
total gadgets: 1417

ropshell> suggest
call
    > 0x10003358 : call eax
    > 0x100016eb : call ebx
    > 0x100030ec : call ecx
    > 0x10001452 : call esi
    > 0x1000202c : call edi
jmp
    > 0x100047cf : jmp eax
    > 0x10005ab5 : jmp [eax]
    > 0x10005b6c : jmp [esi - 0x75]
load mem
    > 0x100044dc : mov eax, [esi]; pop edi; pop esi; ret 4
    > 0x10001d06 : mov ecx, [eax]; call [ecx + 4]; ret 4
    > 0x10003271 : mov eax, [ebp + 8]; pop esi; pop ebx; pop ebp; ret 0x10
    > 0x10003ac6 : mov eax, [edi]; push edi; call [eax + 4]
    > 0x1000356f : mov edx, [ecx + 0x18]; push edx; push ecx; call eax
load reg
    > 0x10002492 : pop eax; ret
    > 0x100016fb : pop ebx; ret
    > 0x100012b4 : pop ecx; ret
    > 0x1000122f : pop esi; ret
    > 0x10004ac1 : pop edi; ret
pop pop ret
    > 0x10002492 : pop eax; ret
    > 0x10007606 : pop eax; pop esi; ret
    > 0x10007d89 : pop ebx; pop ecx; pop ecx; ret
    > 0x10007d88 : pop ebp; pop ebx; pop ecx; pop ecx; ret
    > 0x100011e2 : pop eax; pop edi; pop esi; pop ebx; pop ebp; ret
sp lifting
    > 0x100074c4 : add esp, 0x10; ret
    > 0x100074c4 : add esp, 0x10; ret
stack pivoting
    > 0x100072cc : mov esp, ebp; pop ebp; ret
    > 0x10003f2f : lea esp, [ebp - 0xc]; pop edi; pop esi; pop ebx; pop ebp; ret
    > 0x10004d86 : mov esp, ecx; mov ecx, [eax]; mov eax, [eax + 4]; push eax; ret
    > 0x100042cf : xchg eax, esp; add [eax], dl; push eax; call [ecx + 0x10]
    > 0x100013c2 : leave ; ret
write mem
    > 0x10003edc : add [eax], ecx; pop ebx; pop ebp; ret
    > 0x100015f7 : add [esi], eax; pop esi; pop ebp; ret
    > 0x100025eb : add [eax + 0x5f], ebx; pop esi; ret 4
    > 0x10001d51 : adc [ebx], edx; add [eax], al; pop esi; pop ebp; ret 0xc
    > 0x100025e4 : add [eax + 0x6ff0814], ecx; push 1; pop eax; pop edi; pop esi; ret 4