ROPSHELL 
ropshell> use 6886a7d522b453a57f0a69191236326b (download)
name         : ntdll.dll (x86_64/PE)
base address : 0x180001000
total gadgets: 6630

ropshell> suggest "load reg"
> 0x18000521c : pop rax; ret
> 0x180001297 : pop rbx; ret
> 0x180091719 : pop rcx; ret
> 0x1800f0f8b : pop rdx; ret
> 0x18000123d : pop rsi; ret
> 0x180001309 : pop rdi; ret
> 0x1800010ff : pop rbp; ret
> 0x180004369 : pop rsp; ret
> 0x180066a9b : pop r8; ret
> 0x18008ebc8 : pop r11; ret
> 0x180004368 : pop r12; ret
> 0x180004633 : pop r13; ret
> 0x18000333e : pop r14; ret
> 0x180007d14 : pop r15; ret
> 0x18008ebc6 : pop r10; pop r11; ret
> 0x18008ebc4 : pop r9; pop r10; pop r11; ret
> 0x1800d6206 : mov rax, [rsp + 8]; ret
> 0x18002d00e : mov rbx, [rsp + 0x10]; ret
> 0x18007de19 : mov rsi, [rsp + 0x10]; ret
> 0x180007fbd : mov rdi, [rsp + 0x10]; ret
> 0x1800d6207 : mov eax, [rsp + 8]; ret
> 0x18002d00f : mov ebx, [rsp + 0x10]; ret
> 0x18007de1a : mov esi, [rsp + 0x10]; ret
> 0x180007fbe : mov edi, [rsp + 0x10]; ret
> 0x1800a4333 : mov r11, [rsp + 8]; add rsp, 0x10; ret
> 0x1800de41d : mov rcx, [rsp + 0x110]; call rax
> 0x180076f24 : mov r12, [rsp + 0x38]; pop r15; pop r14; pop r13; ret
> 0x1800de41e : mov ecx, [rsp + 0x110]; call rax
> 0x180076f25 : mov esp, [rsp + 0x38]; pop r15; pop r14; pop r13; ret
> 0x180108e77 : mov rbp, [rsp + 0x10]; mov rdi, [rsp + 0x18]; ret
> 0x1800a3256 : mov r9, [rsp + 0x38]; add rsp, 0x48; jmp rax
> 0x180108e78 : mov ebp, [rsp + 0x10]; mov rdi, [rsp + 0x18]; ret
> 0x1800a432f : mov r10, [rsp]; mov r11, [rsp + 8]; add rsp, 0x10; ret
> 0x1800a4330 : mov edx, [rsp]; mov r11, [rsp + 8]; add rsp, 0x10; ret
> 0x1800a3508 : mov rdx, [rsp + 0x38]; mov [rsp + 0x48], rdx; add rsp, 0x48; ret
> 0x1800a3251 : mov r8, [rsp + 0x30]; mov r9, [rsp + 0x38]; add rsp, 0x48; jmp rax

© 2014 - 2019 - Powered by ROPEME | Contact