ropshell> use 3441abf9b9f7dc9f9406b347b026a71d (download)
name         : libc.so.6 (arm/ELF)
base address : 0x15c40
total gadgets: 5209

ropshell> suggest "write mem"
> 0x00101c3a : str r4, [r0]; pop {r3, r4, r5, pc}
> 0x0007999e : str r1, [r2]; pop {r4, r5, r6, pc}
> 0x00092a8e : str r3, [r2]; pop {r3, r4, r5, pc}
> 0x000627aa : str r5, [r2]; pop {r3, r4, r5, pc}
> 0x000cb622 : str r0, [r3]; pop {r3, pc}
> 0x00078c62 : str r2, [r3]; pop {r3, pc}
> 0x000aa07e : str r4, [r3]; pop {r3, r4, r5, r6, r7, pc}
> 0x000f54d2 : str r0, [r4]; pop {r4, pc}
> 0x00064472 : str r1, [r4]; pop {r4, pc}
> 0x00019f6e : str r3, [r4]; pop {r3, r4, r5, pc}
> 0x000c652e : str r5, [r4]; pop {r3, r4, r5, pc}
> 0x00106192 : str r3, [r5]; pop {r3, r4, r5, r6, r7, pc}
> 0x0007c97e : str r4, [r6]; pop {r4, r5, r6, pc}
> 0x000fea0e : str r3, [r7]; pop {r3, r4, r5, r6, r7, pc}
> 0x00031bde : str r5, [r7]; pop {r3, r4, r5, r6, r7, pc}
> 0x0002d8de : str r2, [r0, r3]; pop {r4, pc}
> 0x000ecc36 : str r5, [r0, r3]; pop {r3, r4, r5, pc}
> 0x00026b4a : str ip, [r0, r3]; pop {r4, r5, pc}
> 0x000c73f2 : str r6, [r4, r3]; pop {r4, r5, r6, pc}
> 0x00031402 : str r3, [r0]; mov r0, r3; pop {r4, pc}
> 0x000abeea : str r3, [r1, #0x1c]; pop {r3, r4, r5, pc}
> 0x000799c6 : str r0, [r2]; mov r0, r3; pop {r4, r5, r6, pc}
> 0x0006eafe : str r1, [r3, #0x18]; pop {r4, r5, r6, r7, pc}
> 0x000f79ae : streq r2, [r4, #0x10]; pop {r3, r4, r5, pc}
> 0x000c7a7a : str r0, [r5, #4]; pop {r3, r4, r5, r6, r7, pc}
> 0x000cecbe : str r0, [r6]; mov r0, r3; pop {r3, r4, r5, r6, r7, pc}
> 0x000fc6ca : str r2, [r6, #0x28]; pop {r3, r4, r5, r6, r7, pc}
> 0x00082476 : strne r3, [r6]; mov r0, r4; pop {r4, r5, r6, pc}
> 0x0008f17e : str r5, [r6]; blx sb
> 0x000c0f2e : str ip, [r6, #4]; pop {r4, r5, r6, pc}
> 0x00079a5e : str r0, [r7]; mov r0, r5; pop {r3, r4, r5, r6, r7, pc}
> 0x0001be7e : str r2, [r7, #0x18]; pop {r3, r4, r5, r6, r7, pc}
> 0x000ced0a : str r1, [r0, r2]; mov r0, r3; pop {r3, r4, r5, r6, r7, pc}
> 0x000bcfe6 : str r0, [r1, r3, lsl #2]; pop {r4, r5, r6, pc}
> 0x000cf19a : strge ip, [r1, #4]; bx lr
> 0x000a9d96 : str r5, [r3, r0, lsl #2]; pop {r3, r4, r5, r6, r7, pc}
> 0x000bd142 : str ip, [r4]; mov r0, #0; pop {r3, r4, r5, pc}
> 0x000abf6e : strne ip, [r3]; add sp, sp, #0x14; pop {r4, r5, r6, r7, pc}
> 0x000f76ae : str r1, [r5, #0x2c]; mov r0, r3; pop {r4, r5, r6, pc}
> 0x00023126 : str r2, [r5]; add sp, sp, #8; pop {r4, r5, r6, pc}
> 0x00048b89 : strh r4, [r5, r5]; movs r7, r1; bx fp
> 0x000c64d6 : str r6, [r5, #0x24]; mov r0, r4; pop {r3, r4, r5, r6, r7, pc}
> 0x000f1352 : str r7, [r5, #0x2c]; mov r0, r4; pop {r3, r4, r5, r6, r7, pc}
> 0x0008d962 : str r1, [r6]; add sp, sp, #0x10; pop {r4, r5, r6, pc}
> 0x000dd9f6 : str lr, [fp, #-0x40]; blx ip
> 0x0004a45e : str r3, [lr, #0xf0c]; blx r2
> 0x0009c856 : str r6, [r0, r3]; add sp, sp, #0x14; pop {r4, r5, r6, r7, pc}
> 0x0005c1ba : str r0, [ip]; mov r0, r5; add sp, sp, #0x24; pop {r4, r5, pc}
> 0x000dd6ce : str r2, [fp, #-0x4c]; mov r2, r6; blx r3
> 0x00049b6e : str ip, [lr, #0xf08]; mov r0, r6; blx sb
> 0x000c0e92 : str r2, [r1, #0x10]; str r3, [r5, #4]; pop {r3, r4, r5, r6, r7, pc}
> 0x00064f2a : streq r7, [r1, #4]; str r3, [r5, #0xa0]; pop {r3, r4, r5, r6, r7, pc}
> 0x0006e7ae : streq r7, [r4, #8]; str r3, [r4, #0xa0]; pop {r3, r4, r5, r6, r7, pc}
> 0x000c0dea : str r4, [ip, #4]; str r3, [r5, #4]; pop {r3, r4, r5, pc}
> 0x00028f26 : str r3, [fp, #-0x80]; eor r2, r1, r2; blx r2
> 0x000d198a : str r2, [ip, #4]; mov r0, r3; add sp, sp, #0x24; pop {r4, r5, r6, r7, pc}
> 0x000f34e6 : str r3, [ip]; str r3, [r0]; str r3, [r1]; str r3, [r2]; pop {r4, pc}
> 0x000dddee : str r5, [fp, #-0x3c]; str lr, [fp, #-0x40]; blx ip
> 0x000dda6e : str r8, [fp, #-0x44]; str lr, [fp, #-0x40]; blx ip
> 0x000abf66 : strne ip, [r2]; cmp r3, #0; strne ip, [r3]; add sp, sp, #0x14; pop {r4, r5, r6, r7, pc}
> 0x00064f26 : streq r4, [r1, #0x14]; streq r7, [r1, #4]; str r3, [r5, #0xa0]; pop {r3, r4, r5, r6, r7, pc}
> 0x0001be76 : str r1, [r7, #0x30]; str r3, [r7, #0x14]; str r2, [r7, #0x18]; pop {r3, r4, r5, r6, r7, pc}
> 0x0008fdc2 : strhi r4, [r2]; cmp r0, r4; ldrhi r3, [pc, #0x20]; addhi r3, pc, r3; strhi r0, [r3]; pop {r3, r4, r5, pc}
> 0x000fe6be : streq r3, [sl]; ldr r3, [r4, #4]; mov r0, r4; ldr r3, [r3, #0x10]; blx r3
> 0x000dd9ee : str r7, [fp, #-0x3c]; str r5, [fp, #-0x44]; str lr, [fp, #-0x40]; blx ip
> 0x000ddc5e : str sl, [fp, #-0x44]; str lr, [fp, #-0x40]; str ip, [fp, #-0x4c]; blx r3
> 0x000abf62 : str r1, [ip, #0x1c]; strne ip, [r2]; cmp r3, #0; strne ip, [r3]; add sp, sp, #0x14; pop {r4, r5, r6, r7, pc}
> 0x000a9fc6 : str r7, [r6, #4]; stmlt r0, {r4, r5}; strge r5, [r0]; strge r4, [r0, #4]; mov r0, #0; pop {r3, r4, r5, r6, r7, pc}
> 0x0001be72 : str ip, [r7, #0x2c]; str r1, [r7, #0x30]; str r3, [r7, #0x14]; str r2, [r7, #0x18]; pop {r3, r4, r5, r6, r7, pc}
> 0x000ddde6 : str r4, [fp, #-0x44]; str r3, [fp, #-0x4c]; str r5, [fp, #-0x3c]; str lr, [fp, #-0x40]; blx ip
> 0x00031fc6 : strh r5, [r1, #0xc]; strh r4, [r1, #0xe]; strd r2, r3, [r1, #0x10]; strh ip, [r1]; pop {r4, r5, r6}; bx lr
> 0x00108b62 : streq r7, [r8, #0xc]; ldr r1, [sp]; add r0, r1, #0x4c0; add r0, r0, #4; ldr r3, [r1, #0x7f4]; blx r3
> 0x000abf5e : str r5, [ip, #0x10]; str r1, [ip, #0x1c]; strne ip, [r2]; cmp r3, #0; strne ip, [r3]; add sp, sp, #0x14; pop {r4, r5, r6, r7, pc}
> 0x000fc40a : str r8, [r4, #0x24]; ldr r3, [r3, #0xc]; mov r0, r5; ldr r1, [sp, #8]; ldr r2, [r4, #0x48]; blx r3
> 0x00064f1e : strne r6, [r1, #4]; streq r4, [r1, #0x10]; streq r4, [r1, #0x14]; streq r7, [r1, #4]; str r3, [r5, #0xa0]; pop {r3, r4, r5, r6, r7, pc}
> 0x0001be6e : str r4, [r7, #0x28]; str ip, [r7, #0x2c]; str r1, [r7, #0x30]; str r3, [r7, #0x14]; str r2, [r7, #0x18]; pop {r3, r4, r5, r6, r7, pc}
> 0x000dd6be : str r0, [fp, #-0x40]; mov r0, r7; str lr, [fp, #-0x3c]; str ip, [fp, #-0x44]; str r2, [fp, #-0x4c]; mov r2, r6; blx r3
> 0x00030dc2 : str r6, [r3, #0xc]; ldr r1, [r1]; eor r5, r5, r1; str r5, [r3, #4]; mcr p15, #0, r0, c7, c10, #5; str r2, [r3]; pop {r5, r6, r7, pc}
> 0x000ddfea : str r1, [fp, #-0x44]; str r2, [fp, #-0x40]; str r3, [fp, #-0x4c]; ldr r0, [pc, #0xa4]; mov r1, #0; mov r2, r6; blx sl