ROPSHELL 
ropshell> use fe85be7fc92fb80508a89e69095c16df (download)
name         : zap (i386/ELF)
base address : 0x8049110
total gadgets: 326

ropshell> suggest
call
    > 0x080491df : call eax
    > 0x0804d14d : call ebx
    > 0x0804f6fe : call [eax + 0x51]
    > 0x0804d189 : call [edx + 0x51]
    > 0x0804dba9 : call [ebp - 0x77]
jmp
    > 0x08050ef5 : push esp; ret
    > 0x0804beb0 : jmp eax
    > 0x0804938c : jmp [eax + 0x2c]
    > 0x0804f90a : jmp [esi - 0x39]
load reg
    > 0x0804d996 : popal ; cld ; ret
    > 0x08050eea : pop ebp; or [ebx + 0x2405bc45], cl; add al, 0; add [ecx - 0x76f73cac], cl; dec esp; ret
pop pop ret
    > 0x08050eea : pop ebp; or [ebx + 0x2405bc45], cl; add al, 0; add [ecx - 0x76f73cac], cl; dec esp; ret
    > 0x0805147c : pop ss; pop es; add [eax], al; mov edx, [ebp - 0x68]; mov eax, [edx*4 + 0x8055780]; jmp eax
stack pivoting
    > 0x0804d995 : lea esp, [ecx - 4]; ret
    > 0x08051457 : xchg eax, esp; mov eax, [edx*4 + 0x8055768]; jmp eax
    > 0x08049193 : leave ; ret

© 2014 - 2019 - Powered by ROPEME | Contact