ropshell> use fc3391a5231682273c849d213abb05ea (download)
name         : kernel32.dll (x86_64/PE)
base address : 0x180001000
total gadgets: 2694

ropshell> suggest
call
    > 0x18002f55b : call rcx
    > 0x18007d155 : call rbp
    > 0x180027cde : call [rax]
    > 0x18000f4e1 : call [rcx]
    > 0x18000b8aa : call [rsi]
jmp
    > 0x18000ef0d : jmp rax
    > 0x18001c31c : jmp rcx
    > 0x18001a019 : jmp rdi
    > 0x180071a51 : jmp rsp
    > 0x18007a8e4 : jmp [rax]
load mem
    > 0x18001d990 : mov eax, [rcx + 0x10]; ret
    > 0x18007aed6 : mov rax, [rdx + 0x18]; add rax, rcx; ret
    > 0x18007aed7 : mov eax, [rdx + 0x18]; add rax, rcx; ret
    > 0x1800155d3 : mov rsi, [r11 + 0x18]; mov rsp, r11; pop rdi; ret
    > 0x180015e8b : mov rdi, [r11 + 0x18]; mov rsp, r11; pop rbp; ret
load reg
    > 0x1800022fc : pop rax; ret
    > 0x180001bc4 : pop rbx; ret
    > 0x180029dfc : pop rdx; ret
    > 0x180001a09 : pop rsi; ret
    > 0x180001144 : pop rdi; ret
pop pop ret
    > 0x180004cf1 : pop r12; ret
    > 0x18000544d : pop r12; pop rbp; ret
    > 0x180010409 : pop r12; pop rdi; pop rbp; ret
    > 0x180071e09 : pop r12; pop rdi; pop rbx; pop rbp; ret
    > 0x180001f75 : pop r12; pop rdi; pop rsi; pop rbp; pop rbx; ret
sp lifting
    > 0x180024a27 : add rsp, 0x118; ret
    > 0x180024a27 : add rsp, 0x118; ret
    > 0x180002537 : add rsp, 0x28; ret
    > 0x1800024bf : add rsp, 0x38; ret
    > 0x180001199 : add rsp, 0x48; ret
stack pivoting
    > 0x180021ef5 : xchg eax, esp; ret
    > 0x180004513 : mov rsp, r11; pop r14; ret
    > 0x180004514 : mov esp, ebx; pop r14; ret
    > 0x180056dd0 : push rbx; add al, [rcx - 0x77]; sbb [rax - 0x75], ecx; pop rsp; and al, 8; ret
    > 0x1800109e6 : leave ; ret
syscall
    > 0x180024324 : int 0x80; adc al, 0; add [rbp + 0x2e], dh; ret
write mem
    > 0x18006ce30 : add [rax + 0xf], ecx; ret
    > 0x18007e816 : add [rax + 1], edi; ret
    > 0x180002a30 : adc [rcx + 0x20], eax; ret
    > 0x180065a1e : adc [rbp + 3], eax; ret
    > 0x18006ce2f : add [r8 + 0xf], ecx; ret