add disassembly

pwn/mrsnowy/README.md

@@ -17,6 +17,10 @@ Something must be wrong with him.
 - `checksec --file=mrsnowy` reports NX being enabled
   - So no shellcode will be placable unless there is executable space
   - This hints to ROP Chaining
+
+
+![dissasembly of investigate function](images/investigate_disass.png)
+
 - The binary should be patched to get rid of the timetaking animation
   - Just `nop` the banner() function call using radare2
 - Overwriting the returnpointer of `investigate()` using pwntools: