ropshell> use 317ee91acb99a10485c38cef56417839 (download) name : msctf_new.dll (x86_64/PE) base address : 0x180001000 total gadgets: 6514
ropshell> suggest call > 0x180009c4c : call rax > 0x18000e585 : call rcx > 0x180007e6c : call rdx > 0x1800a1e8f : call rsi > 0x180009c4b : call r8 jmp > 0x18003fb52 : push rsp; ret > 0x18001fa57 : jmp rax > 0x18001b14b : jmp rcx > 0x180025bf9 : jmp rdx > 0x18003497b : jmp rbp load mem > 0x180002eeb : mov eax, [rdx]; ret > 0x18003f790 : mov rax, [rcx + 0x10]; ret > 0x18003ebac : movsxd rax, [rdx + 0x38]; ret > 0x18003f740 : mov eax, [rcx + 0x10]; ret > 0x180034248 : mov rcx, [r9]; mov [rcx], eax; ret load reg > 0x1800095f8 : pop rax; ret > 0x180002cf1 : pop rbx; ret > 0x1800a73fb : pop rcx; ret > 0x180002966 : pop rsi; ret > 0x18000266b : pop rdi; ret pop pop ret > 0x180009895 : pop r12; ret > 0x180006de9 : pop r12; pop rbp; ret > 0x180019e97 : pop r12; pop rbx; pop rbp; ret > 0x18004362f : pop r12; pop rdi; pop rbp; pop rbx; ret > 0x1800164b5 : pop r12; pop rdi; pop rsi; pop rbp; pop rbx; ret sp lifting > 0x180045508 : add rsp, 0x10; ret > 0x180045508 : add rsp, 0x10; ret > 0x1800e60c6 : add rsp, 0x238; ret > 0x1800029a0 : add rsp, 0x38; ret > 0x1800105e7 : add rsp, 0x48; ret stack pivoting > 0x1800140bd : xchg eax, esp; ret > 0x18000a191 : mov rsp, r11; pop r13; ret > 0x18000a192 : mov esp, ebx; pop r13; ret > 0x18009e734 : leave ; setne al; ret write mem > 0x18005546a : add [rdi], rcx; ret > 0x18005546b : add [rdi], ecx; ret > 0x18003f69e : adc [rdx + 0x20], eax; ret > 0x1800d1c0b : adc [rdx + 0x10], ecx; ret > 0x180051a69 : add [rbp + 0x2b], eax; ret