ropshell> use f5649a8f4b0e911d10fe25d75a5ed54a (download)
name         : calicovision (x86_64/ELF)
base address : 0x401120
total gadgets: 19121
ropshell> suggest
call
    > 0x0040250e : call rax
    > 0x00460224 : call rbx
    > 0x004ba347 : call rcx
    > 0x0042ccb9 : call rdx
    > 0x0044f54f : call rsi
jmp
    > 0x004c44b3 : push rsp; ret
    > 0x00404ed4 : jmp rax
    > 0x004b9740 : jmp rbx
    > 0x0046c93d : jmp rcx
    > 0x0044ca67 : jmp rdx
load mem
    > 0x0042df70 : mov rax, [rsi]; ret
    > 0x00407700 : mov rax, [rdi]; ret
    > 0x0053c01a : mov eax, [rcx]; ret
    > 0x0042df71 : mov eax, [rsi]; ret
    > 0x00407701 : mov eax, [rdi]; ret
load reg
    > 0x0041e7b6 : pop rax; ret
    > 0x004060a7 : pop rbx; ret
    > 0x00448263 : pop rcx; ret 5
    > 0x0040415b : pop rdx; ret
    > 0x004082b0 : pop rsi; ret
pop pop ret
    > 0x004045f3 : pop r12; ret
    > 0x005174e9 : pop bx; pop rbp; ret
    > 0x004082ab : pop r12; pop r13; pop r14; ret
    > 0x00404b27 : pop r12; pop r13; pop r14; pop r15; ret
    > 0x0041400d : pop r12; pop r13; pop r14; pop r15; pop rbp; ret
sp lifting
    > 0x004110d7 : add rsp, 0x10; ret
    > 0x004110d7 : add rsp, 0x10; ret
    > 0x00411557 : add rsp, 0x20; ret
    > 0x0051b333 : add rsp, 0x38; ret
    > 0x0051b4ad : add rsp, 0x48; ret
stack pivoting
    > 0x004a4314 : mov rsp, rcx; ret
    > 0x0042a0ee : xchg eax, esp; ret
    > 0x004a4315 : mov esp, ecx; ret
    > 0x0054e184 : mov esp, eax; mov rax, r12; pop r12; ret
    > 0x0051cab8 : mov rsp, r8; mov rbp, r9; jmp rdx
syscall
    > 0x004cd16c : syscall ; ret
write mem
    > 0x005077c8 : adc [rbx], eax; ret
    > 0x00491211 : adc [rax + 0x39], ecx; ret
    > 0x004accc6 : add [rbx + 0x394907e0], eax; ret
    > 0x004ef866 : adc [rcx + 7], rdi; ret
    > 0x004da2dd : add [rcx + 0x38], eax; ret