ROPSHELL 
ropshell> use f71e966c590bfb1f53ea3410f8b489d4 (download)
name         : libc.so.6 (i386/ELF)
base address : 0x17420
total gadgets: 15645

ropshell> suggest "stack pivoting"
> 0x00098bc3 : xchg eax, esp; ret
> 0x0002e1fd : mov esp, ecx; jmp edx
> 0x001322cb : xchg esp, edi; jmp [esi - 0x70]
> 0x0011717a : lea esp, [ebp - 8]; pop ebx; pop edi; pop ebp; ret
> 0x00127008 : xchg esp, esi; inc [ebx - 0xf76d33c]; pop ebx; pop esi; pop edi; pop ebp; ret
> 0x00059b21 : lea esp, [edi + edi*8 - 1]; jmp [ebp - 0x77]
> 0x000fc8a5 : mov esp, edi; mov ebx, [ecx]; mov esi, [ecx + 4]; mov edi, [ecx + 8]; mov ebp, [ecx + 0xc]; jmp edx
> 0x00050fc5 : lea esp, [eax - 0x76000011]; dec esp; and al, 8; mov ecx, [ebp - 0x103c]; mov [esp], esi; mov [esp + 4], ecx; call [eax + 0x1c]
> 0x000a53aa : leave ; ret

© 2014 - 2019 - Powered by ROPEME | Contact