ropshell> use fd635dde8a2c5df766008b4cc7a113ec (download)
name         : p3 (x86_64/ELF)
base address : 0x4003c0
total gadgets: 13008

ropshell> suggest "load reg"
> 0x00400f09 : pop rax; ret
> 0x00400a13 : pop rbx; ret
> 0x004a20d5 : pop rdx; ret
> 0x00402f42 : pop rsi; ret
> 0x00401b1c : pop rdi; ret
> 0x00400655 : pop rbp; ret
> 0x00401acf : pop rsp; ret
> 0x004a20d4 : pop r10; ret
> 0x00401ace : pop r12; ret
> 0x00401994 : pop r13; ret
> 0x00402f41 : pop r14; ret
> 0x00401b1b : pop r15; ret
> 0x0046c15e : pop r8; cdqe ; ret
> 0x00445170 : mov rax, [rsp - 0x18]; ret
> 0x00402d67 : mov rdx, [rsp - 0x10]; ret
> 0x0048694c : mov r13, [rsp - 8]; ret
> 0x004ced44 : mov r14, [rsp - 8]; ret
> 0x0049f7bb : mov eax, [rsp - 0x14]; ret
> 0x00402d68 : mov edx, [rsp - 0x10]; ret
> 0x004ced45 : mov esi, [rsp - 8]; ret
> 0x0048694d : mov ebp, [rsp - 8]; ret
> 0x0040130b : pop rcx; xor al, [rax]; pop rbx; ret
> 0x00403b0a : mov rbx, [rsp]; add rsp, 0x18; ret
> 0x00403b0b : mov ebx, [rsp]; add rsp, 0x18; ret
> 0x0040411d : mov rbp, [rsp + 0x10]; add rsp, 0x18; ret
> 0x00400ab1 : mov r12, [rsp + 0x10]; add rsp, 0x18; ret
> 0x004587d7 : mov r15, [rsp + 0x130]; add rsp, 0x138; ret
> 0x004587d8 : mov edi, [rsp + 0x130]; add rsp, 0x138; ret
> 0x00400ab2 : mov esp, [rsp + 0x10]; add rsp, 0x18; ret
> 0x0040f16f : mov rcx, [rsp + 0x28]; call r11
> 0x004a4204 : mov rsi, [rsp + 0x28]; call r12
> 0x004adec0 : mov rdi, [rsp + 0x28]; call rbp
> 0x0040f170 : mov ecx, [rsp + 0x28]; call r11
> 0x0040ddd4 : mov r10, [rsp + 0x60]; mov [rsp], r10; call [rax + 0x10]
> 0x004a41f9 : mov r9, [rsp + 0x18]; mov rcx, r14; mov rdx, rbp; mov rsi, [rsp + 0x28]; call r12
> 0x00446143 : mov r8, [rsp]; mov rcx, [rsp + 8]; mov rsi, r12; mov rax, [rdi]; call [rax + 0x40]
> 0x004d077a : mov r11, [rsp + 0x30]; mov rdx, [rsp + 0x38]; mov rcx, [rsp + 0x40]; add rsp, 0x50; jmp [rax]
> 0x00408894 : pop r9; mov [rbx + 0xe0], al; mov [rbx + 0xe1], 1; mov rbx, [rsp + 8]; mov rbp, [rsp + 0x10]; add rsp, 0x18; ret