ROPSHELL 
ropshell> use 399fdfaed5ea1fdc3da9fd9fe61bcbd0 (download)
name         : babyrop_level9.0 (x86_64/ELF)
base address : 0x4011d0
total gadgets: 49

ropshell> suggest
call
    > 0x00401ada : call [rdi + rbx*8]
    > 0x00401ad9 : call [r15 + rbx*8]
    > 0x004014ac : call [rax - 0x179a72b8]; pop rbx; pop r12; pop r13; pop rbp; ret
jmp
    > 0x0040122c : jmp rax
load reg
    > 0x00401af3 : pop rdi; ret
    > 0x0040129d : pop rbp; ret
    > 0x00401af2 : pop r15; ret
    > 0x00401af1 : pop rsi; pop r15; ret
    > 0x004014b5 : pop r13; pop rbp; ret
pop pop ret
    > 0x00401af2 : pop r15; ret
    > 0x004014b5 : pop r13; pop rbp; ret
    > 0x004014b3 : pop r12; pop r13; pop rbp; ret
    > 0x00401aec : pop r12; pop r13; pop r14; pop r15; ret
    > 0x00401aeb : pop rbp; pop r12; pop r13; pop r14; pop r15; ret
stack pivoting
    > 0x004014ae : lea rsp, [rbp - 0x18]; pop rbx; pop r12; pop r13; pop rbp; ret
    > 0x004014af : lea esp, [rbp - 0x18]; pop rbx; pop r12; pop r13; pop rbp; ret
    > 0x004016ab : leave ; ret

© 2014 - 2019 - Powered by ROPEME | Contact