Free Online ROP Gadgets Search

ropshell> use a27f2d7915fd455a2c4147e4b70bbd98 (download)
name         : EQNEDT32.EXE (i386/PE)
base address : 0x401000
total gadgets: 4450

ropshell> suggest "load mem"
> 0x0044c8b8 : mov ecx, [eax]; mov eax, [eax + 4]; push eax; ret
> 0x0041ce67 : mov eax, [ebp + 8]; push eax; call [ebp + 0x10]
> 0x0044e8c3 : mov eax, [edx]; sub eax, ecx; cmp eax, 1; sbb eax, eax; and eax, edx; ret
> 0x0044dd6d : mov eax, [esi + 0x810]; pop esi; pop ebx; lea eax, [eax + edx + 0x100]; ret
> 0x0044fe6b : mov eax, [edi]; pop edi; mov [eax + esi], ebx; xor eax, eax; pop esi; pop ebx; ret
> 0x00450dca : mov eax, [ebp]; pop ebp; pop edi; pop esi; lea eax, [eax + ebx + 1]; pop ebx; ret
> 0x0044e340 : mov ecx, [esi]; lea eax, [ecx + 1]; mov [esi], eax; xor eax, eax; mov al, [ecx]; pop esi; ret
> 0x0044d0d1 : mov ecx, [ebp + 8]; mov [ebx + 8], ecx; mov [ebx + 4], eax; mov [ebx + 0xc], ebp; pop ecx; pop ebx; ret 4
> 0x0044c412 : mov esi, [edx + 0xc]; mov eax, [esp + 8]; cmp eax, 1; adc eax, 0; mov esp, [edx + 0x10]; add esp, 4; jmp [edx + 0x14]