ROPSHELL 
ropshell> use 60e1c0075f02c8e08683e9100c4881af (download)
name         : chall-2 (x86_64/ELF)
base address : 0x400600
total gadgets: 79

ropshell> suggest
call
    > 0x004006fe : call rax
    > 0x00400705 : call [rbp + 0x48]
    > 0x0040089a : call [rsp + rbx*8]
    > 0x00400899 : call [r12 + rbx*8]
    > 0x00400763 : call [rax + 0x4855c35d]; mov ebp, esp; push rsp; ret
jmp
    > 0x0040076b : push rsp; ret
    > 0x00400665 : jmp rax
load reg
    > 0x0040079a : pop rax; ret
    > 0x00400788 : pop rdx; ret
    > 0x00400791 : pop rsi; ret
    > 0x0040077f : pop rdi; ret
    > 0x00400670 : pop rbp; ret
pop pop ret
    > 0x004008b2 : pop r15; ret
    > 0x004008b0 : pop r14; pop r15; ret
    > 0x004008ae : pop r13; pop r14; pop r15; ret
    > 0x004008ac : pop r12; pop r13; pop r14; pop r15; ret
    > 0x004008ab : pop rbp; pop r12; pop r13; pop r14; pop r15; ret
stack pivoting
    > 0x0040084a : leave ; ret
syscall
    > 0x004007a3 : syscall ; nop ; pop rbp; ret

© 2014 - 2019 - Powered by ROPEME | Contact