
I am new to assembly language and took quite some time to understand it and write some code. Currently I have to use mmap to load a file and execute the lines written in that file. This other file (let's say call.nasm) contains the following exit code:

mov rdi,0    
mov rax,60   ; exit(2) 
syscall

I have to call this exit from current.nasm. I was able to successfully map the call.nasm file but was unable to read the file and execute the exit system call. Here is the mapping and read code in current.nasm for mapping call.nasm:

mov     rdi,filepath   
mov     rsi,0           
mov     rdx,0           
mov     rax,2           ; open(2)
syscall

mov     rdi,0           
mov     rsi,bytes         ; bytes for mapping
mov     rdx,1           
mov     r10,0x02        ; MAP_PRIVATE 
mov     r12,rax          ; fd
mov     r9,0            ; offset
mov     rax,9           ; mmap(2)
syscall

mov     rdi,rax         ; fd
mov     rsi,[r8]       ; buffer
mov     rdx,1024        ; count
mov     rax,0           ; read(2)
syscall

This is written in x86_64 nasm. I have even changed the permissions of the call.nasm file, but so far I have not been able to read or execute the lines in the other file. When I run strace to execute the current.nasm file I get a -1 EBADF (Bad file descriptor) error for the read operation.

Any help will be appreciated. Thanks.

UPDATE: I was able to solve the error -1 EBADF (Bad file descriptor). Thanks to @PeterCordes for pointing out the mistake. The following code for read fixed the error:

mov     rdi,r12         ; fd
mov     rsi,buffer       ; buffer
mov     rdx,bytes        ; count
mov     rax,0           ; read(2)
syscall

For jumping to the exit code, I just had to point to the memory address. My bad: I was pointing to the .nasm file and not the binary file that I compiled it into for mmap.

phoenix
  • Are you trying to mmap some machine code into memory and jump to it? Machine code comes in instructions, not lines. Also, this is not a [mcve]. Use a debugger and / or `strace` to see the system calls you're actually making, and describe in more detail what sequence of system calls and jumps you want to execute. – Peter Cordes Sep 03 '20 at 00:59
  • I am trying to map a file containing a system call and execute that call from this file. I have updated the question for some more clarity. – phoenix Sep 03 '20 at 01:44
  • The CPU can't execute asm source lines. You have to assemble a `.asm` into a flat binary before you can mmap it and jump into it. But separate from that, `-EBADF` tells you you're not even passing the right fd to `read`. It looks like you're passing the `mmap` return value (a pointer) to read, instead of the same FD from the `open` system call. – Peter Cordes Sep 03 '20 at 02:32
  • Thanks for pointing out the mistake. I am able to read properly now by passing fd. Also I did assemble .asm into a flat binary and mmap it. However I am not sure how to jump to this system call after mmap. Can you please provide some examples for this? – phoenix Sep 03 '20 at 02:52
  • I had answered this at some point here at SO, you need to mark the mmap section as executable, it will let you write the machine code to it but to execute took some extra work either to figure out the mmap call or something else was required I don't remember offhand. It is doable though. As far as jumping to the code you just jump to that address where you copied the machine code. – old_timer Sep 03 '20 at 03:03
  • https://stackoverflow.com/questions/4812869/how-to-write-self-modifying-code-in-x86-assembly/4819124#4819124 you can of course do this in all assembly language if you don't want to use C. (all I did to solve this the first time was to google stuff which anyone can do, no magic). – old_timer Sep 03 '20 at 03:05
  • Thanks I solved it. I was not pointing to the binary file. Thank you for all your help @PeterCordes – phoenix Sep 03 '20 at 03:09
  • Thanks for your help and suggestions @old_timer – phoenix Sep 03 '20 at 03:15
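A complete, corrected current.nasm for the sequence worked out in the question and comments, added here as an example and not the asker's or the commenters' code: it assumes call.nasm was assembled to a flat binary named call.bin, passes the fd to mmap in r8 (not r12), maps the file PROT_READ|PROT_EXEC with MAP_PRIVATE and without PROT_WRITE, checks every syscall return, and jumps to the mapped address. No read(2) is needed, because mmap already makes the file contents visible in memory.

```nasm
; Added example (not the asker's code): a complete, corrected current.nasm.
; Assumes call.nasm was assembled to a flat binary:  nasm -f bin call.nasm -o call.bin
; and this file is built with:  nasm -f elf64 current.nasm && ld -o current current.o
; The mapped code ends the process with exit(2), so nothing after the jmp runs.

global _start

section .data
filepath:   db "call.bin", 0          ; path to the flat binary (assumed name)
bytes       equ 4096                  ; mapping length: one page

section .text
_start:
    ; open(filepath, O_RDONLY, 0)
    mov     rdi, filepath
    xor     esi, esi                  ; flags = O_RDONLY
    xor     edx, edx                  ; mode is ignored without O_CREAT
    mov     eax, 2                    ; open(2)
    syscall
    test    rax, rax
    js      .fail                     ; negative return is -errno
    mov     r12, rax                  ; keep the fd; r12 is not an argument register

    ; mmap(NULL, bytes, PROT_READ|PROT_EXEC, MAP_PRIVATE, fd, 0)
    xor     edi, edi                  ; addr = NULL, the kernel picks the address
    mov     esi, bytes                ; length
    mov     edx, 5                    ; PROT_READ (1) | PROT_EXEC (4), no PROT_WRITE
    mov     r10d, 2                   ; MAP_PRIVATE
    mov     r8, r12                   ; fd is the 6th argument, passed in r8
    xor     r9d, r9d                  ; offset = 0
    mov     eax, 9                    ; mmap(2)
    syscall
    cmp     rax, -4096                ; unsigned: above -4096 means -errno
    ja      .fail
    mov     r13, rax                  ; address of the mapped code

    ; close(fd): the mapping stays valid after the descriptor is closed
    mov     rdi, r12
    mov     eax, 3                    ; close(2)
    syscall

    jmp     r13                       ; transfer control to the mapped code

.fail:
    mov     edi, 1                    ; exit status 1 on any syscall error
    mov     eax, 60                   ; exit(2)
    syscall
```

If call.bin lives on a filesystem mounted noexec, the PROT_EXEC mapping fails with EPERM and the program exits with status 1 instead of jumping into unmapped memory, which is why the return-value checks are there.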
