ROPSHELL 
ropshell> use 1fab4c106642a4dfe4b8a489cc2b3334 (download)
name         : ncat.exe (i386/PE)
base address : 0x401000
total gadgets: 22194

ropshell> suggest "load reg"
> 0x0041e096 : pop eax; ret
> 0x00401b63 : pop ebx; ret
> 0x00405fd7 : pop ecx; ret
> 0x00525a93 : pop edx; ret
> 0x00401be8 : pop esi; ret
> 0x00406238 : pop edi; ret
> 0x0040160b : pop ebp; ret
> 0x0041e0a6 : pop esp; ret
> 0x00471d70 : mov eax, [esp + 0xc]; ret
> 0x00494fbe : popal ; clc ; inc [ebx - 0x3974eb3c]; pop esi; ret
> 0x00522dc8 : mov ecx, [esp + 0xc]; div ecx; ret
> 0x0045dc17 : mov edx, [esp + 4]; mov [edx], ecx; ret
> 0x0044dee5 : mov ebx, [esp + 0x28]; push ebx; call eax
> 0x00449837 : mov esi, [esp + 8]; push esi; call eax
> 0x00442cef : mov edi, [esp + 0x44]; push esi; call edi
> 0x00522014 : mov esp, [esp + 0x5c]; pop edi; pop esi; pop ebx; pop ebp; ret
> 0x0041cd02 : mov ebp, [esp + 0x14]; push ecx; push edx; push ebp; call ebx

© 2014 - 2019 - Powered by ROPEME | Contact