ROPSHELL 
ropshell> use 74d1ec6d52c4251163882e1c3eabe4c4 (download)
name         : steam_api64.dll (x86_64/PE)
base address : 0x13b401000
total gadgets: 3674

ropshell> suggest "load mem"
> 0x13b4037c0 : movzx eax, [rcx]; ret
> 0x13b4031b5 : mov rax, [rcx + 8]; ret
> 0x13b4037d0 : mov eax, [rcx + 4]; ret
> 0x13b417996 : mov rax, [rcx]; add rsp, 0x38; ret
> 0x13b4021d3 : mov r10, [rax]; jmp r10
> 0x13b41458e : movzx ecx, [rdx]; sub eax, ecx; ret
> 0x13b4021d4 : mov edx, [rax]; jmp r10
> 0x13b42a69d : mov rcx, [rdx]; mov [rax], rcx; ret
> 0x13b402a93 : mov r10, [rax + 0x100]; jmp r10
> 0x13b402a94 : mov edx, [rax + 0x100]; jmp r10
> 0x13b402840 : mov r10, [rcx]; jmp [r10 + 0x30]
> 0x13b402841 : mov edx, [rcx]; jmp [r10 + 0x30]
> 0x13b408fcb : mov rsi, [r11 + 0x18]; mov rsp, r11; pop rdi; ret
> 0x13b415287 : mov rdi, [r11 + 0x18]; mov rsp, r11; pop rbp; ret
> 0x13b40af4f : mov rbp, [r11 + 0x18]; mov rsp, r11; pop r14; ret
> 0x13b41721d : mov r14, [r11 + 0x28]; mov rsp, r11; pop rbp; ret
> 0x13b408fcc : mov esi, [rbx + 0x18]; mov rsp, r11; pop rdi; ret
> 0x13b415288 : mov edi, [rbx + 0x18]; mov rsp, r11; pop rbp; ret
> 0x13b40af50 : mov ebp, [rbx + 0x18]; mov rsp, r11; pop r14; ret
> 0x13b406e53 : mov r8, [rcx]; call [r8 + 0x10]
> 0x13b40b97c : movsxd r8, [rdx + rcx]; add r8, r9; add rax, r8; ret
> 0x13b40378e : mov eax, [rdx + 4]; mov [rcx + 4], eax; ret
> 0x13b402ef2 : movzx ecx, [rax + 0xf]; shl eax, 8; or eax, ecx; ret
> 0x13b402ef1 : movzx ecx, [r8 + 0xf]; shl eax, 8; or eax, ecx; ret
> 0x13b40425b : mov rdx, [r13 + 8]; call [rax + 8]
> 0x13b40425c : mov edx, [rbp + 8]; call [rax + 8]
> 0x13b4044b6 : mov esi, [rcx + 0xc]; call [rax + 0x10]
> 0x13b409f28 : mov rax, [rbx]; mov r9, [rip + 0x223ee]; call r9
> 0x13b41dac2 : mov rax, [rdx]; mov [rax], cl; inc [rdx]; movzx eax, cl; ret
> 0x13b409f29 : mov eax, [rbx]; mov r9, [rip + 0x223ee]; call r9
> 0x13b41dac3 : mov eax, [rdx]; mov [rax], cl; inc [rdx]; movzx eax, cl; ret
> 0x13b404f6f : mov rax, [r11 + 8]; mov [rax + 0x18], 1; mov rax, r9; ret
> 0x13b404f70 : mov eax, [rbx + 8]; mov [rax + 0x18], 1; mov rax, r9; ret
> 0x13b41fc23 : movzx ecx, [rax]; inc rax; mov [rdx], rax; mov eax, ecx; add rsp, 0x28; ret
> 0x13b415283 : mov rbx, [r11 + 0x10]; mov rdi, [r11 + 0x18]; mov rsp, r11; pop rbp; ret
> 0x13b42a676 : mov ecx, [rdx + 8]; mov [rax], r8; mov [rax + 8], ecx; ret
> 0x13b420925 : mov rcx, [rax + 0x60]; mov eax, [rcx + 0xbc]; shr eax, 8; and al, 1; ret
> 0x13b42a544 : mov rcx, [rdx + rcx]; bswap rax; bswap rcx; cmp rax, rcx; sbb eax, eax; sbb eax, -1; ret
> 0x13b40b978 : mov rcx, [r9 + rcx]; movsxd r8, [rdx + rcx]; add r8, r9; add rax, r8; ret
> 0x13b405060 : mov rdx, [rcx + 8]; lea rax, [rip + 0x276bd]; test rdx, rdx; cmovne rax, rdx; ret
> 0x13b405061 : mov edx, [rcx + 8]; lea rax, [rip + 0x276bd]; test rdx, rdx; cmovne rax, rdx; ret
> 0x13b4072e2 : mov rax, [r14]; lea rdx, [rsp + 0x4a0]; mov rcx, r14; call [rax + 0x10]
> 0x13b42a673 : mov r8, [rdx]; mov ecx, [rdx + 8]; mov [rax], r8; mov [rax + 8], ecx; ret
> 0x13b4072e3 : mov eax, [rsi]; lea rdx, [rsp + 0x4a0]; mov rcx, r14; call [rax + 0x10]
> 0x13b40e2d6 : movsxd rcx, [r10]; lea rax, [r10 + 4]; mov [r8 + 8], rax; mov [r8 + 0x30], rcx; ret
> 0x13b4044fc : mov r9, [r14]; movzx r8d, [rsp + 0x60]; mov r10, [rcx]; call [r10]
> 0x13b4044fd : mov ecx, [rsi]; movzx r8d, [rsp + 0x60]; mov r10, [rcx]; call [r10]
> 0x13b4077e8 : mov rax, [r10]; lea r9, [rip + 0x24c0e]; xor edx, edx; mov rcx, r10; call [rax + 0x60]
> 0x13b4044af : mov rcx, [rbx + 0x28]; mov rax, [rcx]; mov esi, [rcx + 0xc]; call [rax + 0x10]
> 0x13b4044b0 : mov ecx, [rbx + 0x28]; mov rax, [rcx]; mov esi, [rcx + 0xc]; call [rax + 0x10]
> 0x13b402bdf : movsxd rcx, [r11]; lea eax, [rcx + 1]; mov [r11], eax; mov [rcx + r11 + 5], r10b; inc [r11]; ret
> 0x13b40e331 : mov eax, [r8 + 0x48]; mov edx, [r10 - 4]; shr edx, cl; add eax, edx; mov [r8 + 8], r10; mov [r8 + 0x30], rax; ret
> 0x13b40b970 : movsxd r9, [rdx + 4]; movsxd rdx, [rdx + 8]; mov rcx, [r9 + rcx]; movsxd r8, [rdx + rcx]; add r8, r9; add rax, r8; ret

© 2014 - 2019 - Powered by ROPEME | Contact