ROPSHELL 
ropshell> use fd914adeab889de795a009244b91fc4a (download)
name         : SEHLokoD.exe (i386/PE)
base address : 0x8001000
total gadgets: 284

ropshell> suggest
call
    > 0x08002902 : call ebx
    > 0x080041d0 : call esi
    > 0x08002868 : call edi
    > 0x08002820 : call [eax + 0x68]
    > 0x080027cb : call [ebx + 0x56]
jmp
    > 0x080017df : jmp [eax]
    > 0x0800426e : jmp [esi + 0x39]
load mem
    > 0x08003066 : mov ecx, [ebp + 0xc]; ror eax, cl; pop ebp; ret
    > 0x08003063 : mov eax, [ebp + 8]; mov ecx, [ebp + 0xc]; ror eax, cl; pop ebp; ret
    > 0x08003ac1 : mov eax, [ecx + 4]; mov ecx, [ebp - 8]; mov [ecx], edx; mov [ecx + 4], eax; mov esp, ebp; pop ebp; ret
load reg
    > 0x08003ebb : pop esi; ret
    > 0x08001713 : pop ebp; ret
    > 0x08001b8d : pop ebx; pop ebp; ret 4
    > 0x08003eba : pop edi; pop esi; ret
    > 0x08002145 : pop ecx; pop edi; pop esi; pop ebx; mov esp, ebp; pop ebp; ret
pop pop ret
    > 0x08001713 : pop ebp; ret
    > 0x08003eba : pop edi; pop esi; ret
    > 0x08001b8c : pop esi; pop ebx; pop ebp; ret 4
    > 0x08001b8b : pop edi; pop esi; pop ebx; pop ebp; ret 4
sp lifting
    > 0x08001def : add esp, 0x14; ret
    > 0x08001def : add esp, 0x14; ret
stack pivoting
    > 0x08001711 : mov esp, ebp; pop ebp; ret
write mem
    > 0x08001d83 : add [eax], ecx; ret
    > 0x080034e4 : add [eax + 0x5de58b01], esi; ret

© 2014 - 2019 - Powered by ROPEME | Contact