ROPSHELL 
ropshell> use 2baf5bfad99c4c4431432c9df390c739 (download)
name         : ntkrnlpa.exe (i386/PE)
base address : 0x401000
total gadgets: 8015

ropshell> suggest "stack pivoting"
> 0x00428097 : xchg eax, esp; ret
> 0x00466db1 : mov esp, ebx; pop ebx; ret
> 0x004623fc : mov esp, ebp; pop ebp; ret
> 0x0042537e : mov esp, edi; pop edi; pop esi; pop ebx; pop ebp; ret 0x10
> 0x0046f69c : lea esp, [esp]; mov eax, ecx; bswap eax; ret
> 0x00462710 : mov esp, ecx; mov ecx, [eax]; mov eax, [eax + 4]; push eax; ret
> 0x0040a2f3 : leave ; ret

© 2014 - 2019 - Powered by ROPEME | Contact