ROPSHELL 
ropshell> use 2430a226abc3e296d3c8468997fa83fe (download)
name         : onewrite-390417ba15a4e5ad7ea0507a21e7dc1ef03eb1805750a0e786f2066a68445786 (x86_64/ELF)
base address : 0x82e0
total gadgets: 7492

ropshell> suggest
call
    > 0x00009087 : call rax
    > 0x0004b85d : call rbx
    > 0x0007a39d : call rdx
    > 0x0001c763 : call rsi
    > 0x0004bd0a : call rdi
jmp
    > 0x0001ccbb : push rsp; ret
    > 0x000088ff : jmp rax
    > 0x00078551 : jmp rbx
    > 0x00028a44 : jmp rcx
    > 0x0000db25 : jmp rdx
load mem
    > 0x00076bfa : mov eax, [rcx]; ret
    > 0x000852b7 : mov rax, [rsi + 0x10]; ret
    > 0x000845a0 : mov rax, [rdi + 0x90]; ret
    > 0x000852b8 : mov eax, [rsi + 0x10]; ret
    > 0x000845a1 : mov eax, [rdi + 0x90]; ret
load reg
    > 0x000460ac : pop rax; ret
    > 0x00008cd8 : pop rbx; ret
    > 0x000484c5 : pop rdx; ret
    > 0x0000d9f2 : pop rsi; ret
    > 0x000084fa : pop rdi; ret
pop pop ret
    > 0x000484c4 : pop r10; ret
    > 0x00009d7b : pop r12; pop r13; ret
    > 0x0000d9ed : pop r12; pop r13; pop r14; ret
    > 0x000084f3 : pop r12; pop r13; pop r14; pop r15; ret
    > 0x00009f9d : pop r12; pop r13; pop r14; pop r15; pop rbp; ret
sp lifting
    > 0x000563d9 : add rsp, 0x148; ret
    > 0x000563d9 : add rsp, 0x148; ret
    > 0x0001f1c8 : add rsp, 0x28; ret
    > 0x00046128 : add rsp, 0x38; ret
    > 0x00079e28 : add rsp, 0x48; ret
stack pivoting
    > 0x00084af9 : mov rsp, rcx; ret
    > 0x0006c238 : xchg eax, esp; ret
    > 0x00084afa : mov esp, ecx; ret
    > 0x0007a4c8 : mov rsp, r8; mov rbp, r9; jmp rdx
    > 0x0007fde4 : xchg esp, edi; jmp [rsi + 0xf]
syscall
    > 0x0006e605 : syscall ; ret
write mem
    > 0x00043998 : adc [rbx], eax; ret
    > 0x00074e1d : adc [rax + 0x39], ecx; ret
    > 0x00035046 : adc [rcx + 7], rdi; ret
    > 0x00035047 : adc [rcx + 7], edi; ret
    > 0x0004361e : adc [rsi + 3], rdx; ret

© 2014 - 2019 - Powered by ROPEME | Contact