ropshell> use 64437dd30d82c9f4a201a2a1a730ba1a (download) name : sad (x86_64/ELF) base address : 0x4010e0 total gadgets: 6729
ropshell> suggest "load reg" > 0x0043f8d7 : pop rax; ret > 0x00402000 : pop rbx; ret > 0x004073e3 : pop rcx; ret 7 > 0x0040177f : pop rdx; ret > 0x00407aae : pop rsi; ret > 0x0040187a : pop rdi; ret > 0x00401d02 : pop rbp; ret > 0x0040299b : pop rsp; ret > 0x0040299a : pop r12; ret > 0x00408bef : pop r13; ret > 0x00407aad : pop r14; ret > 0x00401879 : pop r15; ret > 0x0047be4d : mov rax, [rsp]; add rsp, 0x38; ret > 0x0047be4e : mov eax, [rsp]; add rsp, 0x38; ret > 0x00461312 : mov rsi, [rsp + 0x18]; call rbx > 0x0046e44e : mov rdi, [rsp + 0x18]; call rax > 0x00461313 : mov esi, [rsp + 0x18]; call rbx > 0x0046e44f : mov edi, [rsp + 0x18]; call rax > 0x00480a89 : mov edx, [rsp]; mov rdi, r13; call rbp > 0x0046dbea : mov rcx, [rsp + 0x40]; add rsp, 0x48; jmp [rax] > 0x0046dbeb : mov ecx, [rsp + 0x40]; add rsp, 0x48; jmp [rax] > 0x0040f6fe : pop r8; add [rax], al; add [rax], al; mov [rbx + 0x50], 0; pop rbx; ret > 0x0046130a : mov r9, [rsp + 0x10]; mov rdi, rbp; mov rsi, [rsp + 0x18]; call rbx > 0x0046dbe5 : mov rdx, [rsp + 0x38]; mov rcx, [rsp + 0x40]; add rsp, 0x48; jmp [rax] > 0x0046dbe0 : mov r11, [rsp + 0x30]; mov rdx, [rsp + 0x38]; mov rcx, [rsp + 0x40]; add rsp, 0x48; jmp [rax] > 0x0046dbe1 : mov ebx, [rsp + 0x30]; mov rdx, [rsp + 0x38]; mov rcx, [rsp + 0x40]; add rsp, 0x48; jmp [rax] > 0x0044c9d6 : mov r8, [rsp + 0x48]; mov rcx, [rsp + 0x18]; mov rsi, [rsp + 0x40]; mov rdi, [rsp + 0x38]; call r15 > 0x0046dbdb : mov r10, [rsp + 0x28]; mov r11, [rsp + 0x30]; mov rdx, [rsp + 0x38]; mov rcx, [rsp + 0x40]; add rsp, 0x48; jmp [rax]