ROPSHELL 
ropshell> use 66ca226421465f0a00c3199ef12a4edc (download)
name         : target5 (x86_64/RAW)
base address : 0x0
total gadgets: 9006

ropshell> suggest
call
    > 0x00001019 : call rax
    > 0x00034b14 : call rbx
    > 0x00011247 : call rcx
    > 0x00001c5d : call rdx
    > 0x00012271 : call rsi
jmp
    > 0x0006b666 : push rsp; ret
    > 0x0000c946 : jmp rax
    > 0x00002a87 : jmp rbx
    > 0x000074fd : jmp rcx
    > 0x00001b5a : jmp rdx
load mem
    > 0x000886a6 : mov edi, [rdx]; ret
    > 0x0006b5e0 : mov eax, [rdx + 0x4c]; ret
    > 0x0005ef6d : mov eax, [rdx]; pop rbx; pop rsi; ret
    > 0x0003517b : mov edx, [rax]; mov eax, edx; ret
    > 0x000175b8 : mov eax, [rcx]; mov [rdx], eax; ret
load reg
    > 0x0006b656 : pop rax; ret
    > 0x0000101e : pop rbx; ret
    > 0x000a1e40 : pop rdx; ret
    > 0x00002fdf : pop rsi; ret
    > 0x00001693 : pop rdi; ret
pop pop ret
    > 0x00023f0a : pop r11; ret
    > 0x00002fde : pop rbx; pop rsi; ret
    > 0x00061c65 : pop rbp; pop rsi; pop rdi; ret
    > 0x0006183a : pop rax; pop rbx; pop rsi; pop rdi; ret
    > 0x00014a7f : pop rsp; pop rbx; pop rsi; pop rdi; pop rbp; ret
stack pivoting
    > 0x0000296d : xchg eax, esp; ret
    > 0x0006b92b : mov esp, ecx; ret
    > 0x00002031 : lea esp, [rcx - 4]; ret
    > 0x0000249d : push rsi; pop rsp; pop rbx; pop rsi; pop rdi; ret
    > 0x00062688 : lea esp, [rbp - 8]; pop rbx; pop rsi; pop rbp; ret
syscall
    > 0x00036010 : int 0x80; ret
write mem
    > 0x0005e4eb : add [rcx], esi; ret
    > 0x00008e92 : add [rcx], edi; ret
    > 0x0008c1ba : add [rdx], ecx; ret
    > 0x00029961 : add [rax + 0x5f028d02], ecx; ret
    > 0x00017961 : add [rbx + 0x5e5b04c4], eax; ret

© 2014 - 2019 - Powered by ROPEME | Contact