
Look at this very basic shell code:

mov     rax, 1      ; syscall write
mov     rdi, 1      ; fd=1 (stdout)

; push this string on stack: 'hello wd', '\n', 0
push    0x000000000000A
mov     rcx, 'hello wd'
push    rcx
mov     rsi,rsp     ; rsi points on string
mov     rdx,10      ; string size

syscall

This shell code just prints a string on stdout. It works fine, the message is displayed, but I have a segfault after the message is printed.

Here is how I am compiling it:

nasm -f elf64 s2.asm 
objcopy -O binary --only-section=.text s2.o s2.bin
gcc s2.o -m64 -nostartfiles

Here is what I see if I launch ./a.out:

hello wd
Segmentation Fault

I just want to understand what is wrong

Thanks

Bob5421
  • Invoking the `syscall` prints the string. But what do you think happens when the syscall returns? It's just going to start executing the next instruction, whatever that may be. Since you don't have any more code (say to exit the application), it's going to execute junk and crash. – David Wohlferd Mar 07 '18 at 09:13
  • The duplicate I found was 32-bit code using 32-bit system calls. `eax=231` / `syscall` is 64-bit `sys_exit_group`. Anyway, single-stepping your code with a debugger would have shown you the problem right away. – Peter Cordes Mar 07 '18 at 09:31
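The comments describe the fix: after the write syscall returns, the CPU keeps fetching whatever bytes follow in memory, so the program has to terminate itself. Below is an added example (not the asker's file or a posted answer) showing the same write followed by an explicit `exit_group`, with a `_start` label so the linker has a real entry point. It assumes a Linux x86-64 target and the NASM/gcc invocation from the question; the file name s2_fixed.asm is a placeholder.

```nasm
; Added example, not the original s2.asm: same write, then an explicit exit.
; Assumed build (Linux x86-64, NASM + gcc as in the question):
;   nasm -f elf64 s2_fixed.asm && gcc s2_fixed.o -m64 -nostartfiles -o s2_fixed

global _start               ; entry point ld looks for (the original had none)
section .text
_start:
    ; --- write(1, "hello wd\n", 9) ---------------------------------------
    mov     rax, 1          ; syscall number: write
    mov     rdi, 1          ; fd = 1 (stdout)
    push    0xA             ; 8 bytes: '\n' followed by seven zero bytes
    mov     rcx, 'hello wd' ; NASM packs the 8-char string into a qword immediate
    push    rcx             ; memory at rsp now reads "hello wd\n\0\0\0\0\0\0\0"
    mov     rsi, rsp        ; rsi -> start of the string
    mov     rdx, 9          ; 9 visible bytes; the trailing NUL is not written
    syscall                 ; clobbers rcx and r11; rax = bytes written or -errno

    ; --- exit_group(0) ----------------------------------------------------
    ; Without this, execution runs off the end of .text into unmapped or
    ; non-code bytes, which is the segfault seen after the message.
    mov     rax, 231        ; syscall number: exit_group
    xor     rdi, rdi        ; exit status 0
    syscall                 ; does not return
```

Two details worth keeping in mind when writing position-independent fragments like this: the `syscall` instruction overwrites `rcx` and `r11`, so any value still needed afterwards must live elsewhere, and the return value in `rax` (byte count or a negative errno) is what a debugger shows you when single-stepping past the call, as the second comment suggests.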

0 Answers