ropshell> use 2779c8bc71ebc1b1a39ca17bcbc8bc0e (download) name : CodeInjectionTest.elf (arm/ELF) base address : 0x0 total gadgets: 39
ropshell> suggest jmpcall > 0x00000203 : bx lr > 0x000000fd : blx r3 > 0x00000261 : blx r4 load mem > 0x000001bb : ldr r3, [pc, #0x38]; blx r3 > 0x0000025f : ldr r4, [pc, #0xc]; blx r4 > 0x00000281 : ldr r3, [r6, r3]; adds r4, #1; blx r3 > 0x000001fd : ldr r2, [pc, #4]; ldr r3, [pc, #8]; str r2, [r3]; bx lr > 0x0000020f : ldr r1, [r2]; movs r3, #0x80; lsls r3, r3, #0xa; orrs r3, r1; str r3, [r2]; bx lr pop pop ret > 0x000000cf : pop {r4, pc} > 0x000002a7 : pop {r4, r5, r6, pc} > 0x00000357 : pop {r3, r4, r5, r6, r7, pc} write mem > 0x00000217 : str r3, [r2]; bx lr > 0x00000201 : str r2, [r3]; bx lr