ROPSHELL 
ropshell> use f9dc5b59cf6e3cfe4cd57b3983047a0a (download)
name         : gcdR.exe (i386/PE)
base address : 0x401000
total gadgets: 173

ropshell> suggest
call
    > 0x0040188a : call ebx
    > 0x00401066 : call esi
    > 0x00401cc4 : call edi
    > 0x00401086 : call [eax + 0x51]
    > 0x00401656 : call [ebp - 0x75]
jmp
    > 0x00401b55 : jmp [esi - 0x74]
load mem
    > 0x0040123d : mov eax, [ecx]; call [eax + 4]
    > 0x00401ad8 : mov ecx, [eax + 4]; or [eax], 2; mov [eax + 4], ecx; ret
load reg
    > 0x00401ccf : pop ebx; ret
    > 0x004014dc : pop ecx; ret
    > 0x004017ed : pop esi; ret
    > 0x00401058 : pop ebp; ret
    > 0x00401ccd : pop edi; pop esi; pop ebx; ret
pop pop ret
    > 0x00401058 : pop ebp; ret
    > 0x0040161b : pop ecx; pop ecx; ret
    > 0x00401ccd : pop edi; pop esi; pop ebx; ret
    > 0x004013ca : pop ecx; pop edi; pop esi; pop ebx; mov esp, ebp; pop ebp; ret
stack pivoting
    > 0x00401056 : mov esp, ebp; pop ebp; ret

© 2014 - 2019 - Powered by ROPEME | Contact