I need some machine code to give me the current PID. I have the following syscalls: 4 = write and 20 = getpid. This is the code I used from another source.

```nasm
SECTION .data

LookUpDig db "0123456789"       ; digit lookup table

PIDString db "PID: "
PIDLength equ $-PIDString       ; assemble-time constant: length of "PID: "

SECTION .bss

PID: resb 8                     ; buffer for the decimal digits

SECTION .text

global _start

_start:
    mov eax, 20                 ; sys_getpid
    int 0x80                    ; PID is returned in EAX
    mov ebx, 0xA                ; divisor 10
    lea ebp, [PID+6]            ; fill the buffer from its tail backwards

ASCIIConv:
    div ebx                     ; EDX:EAX / 10 -> quotient in EAX, remainder in EDX
    mov byte cl, [LookUpDig+edx] ; remainder -> ASCII digit
    mov [ebp], cl               ; store the digit
    dec ebp                     ; move one byte towards the front
    xor edx, edx                ; zero EDX for the next div
    inc eax
    dec eax                     ; sets ZF from EAX (quotient)
    jnz ASCIIConv               ; more digits while the quotient is non-zero
    jz .printOut

.printOut:
    push PIDLength
    push PIDString
    push 0x1
    mov eax, 4                  ; sys_write
    push eax
    int 0x80
    add esp, 0x10

    mov [PID+7], byte 0xA       ; newline after the digits

    push 0x8
    push PID
    push 0x1
    mov eax, 4                  ; sys_write
    push eax
    int 0x80
    add esp, 0x10
    mov eax, 0x1                ; sys_exit
    push 0x0
    int 0x80
```

I use this to compile it:

```sh
nasm -f elf32 -o try.o try.asm
ld -m elf_i386 -o try try.o
```

Where `try` is the asm file I'm working with. The output I get is nothing, and it returns normally.

Thanks for any help! :) NOTE: First time ever I've dealt with Assembly.

  • It's weird that you only zero EDX *after* `div`, not before. It happens to work because Linux happens to zero the registers before entering user-space, and nothing else runs before _start since you linked it as a static executable. It's also weird that you use a lookup table instead of `add dl, '0'` since the ASCII codes for the decimal digits are contiguous (unlike hex). Your `push` instructions before the later `int 0x80` system calls are also weird. Like maybe you were copying from shellcode that used `push 4` / `pop eax` instead of `mov eax,4` (to avoid zeros in the machine code). – Peter Cordes Apr 30 '22 at 11:08
  • Anyway, run `strace ./try` and see what system calls your program makes, and single-step it with GDB to narrow down further. https://stackoverflow.com/tags/x86/info has some asm GDB tips at the bottom. – Peter Cordes Apr 30 '22 at 11:09
  • Looks like your attempt to print the string is just some random guesses without looking up the calling conventions. (as well as a misunderstanding about assemble-time `equ` constants being assemble-time, not magically updating at run-time if you store bytes past the end of the space you reserved for the string.) There are no comments to explain the intended purpose of the instructions. – Peter Cordes Apr 30 '22 at 11:14
  • [How do I print an integer in Assembly Level Programming without printf from the c library?](https://stackoverflow.com/a/46301894) covers int -> string but the example uses a 64-bit `syscall`, which uses a different calling convention for the register args. Still, it does show how to correctly get the pointer and length into registers. – Peter Cordes Apr 30 '22 at 11:16
  • 1
    Oh, you're not claiming to have written this. *This is the code I used from another source*. So the system-call part at the end might not be your nonsense, IDK. [Add 2 numbers and print the result using Assembly x86](https://stackoverflow.com/q/28524535) has a working 32-bit Linux int->string + `write` – Peter Cordes Apr 30 '22 at 11:29
  • Looked it up with `strace ./try` and I can see the problem is in the write section. It looks like this: `write(10, "", 0) = -1 EBADF` – Tiondel Apr 30 '22 at 11:31
  • That would make sense; EBX is still `10` at that point, and you didn't put a pointer in ECX or a length in EDX. – Peter Cordes Apr 30 '22 at 11:35
  • Thank you so much Peter Cordes for such a fast answer! Finally solved it! Changed the push part: `push PIDLength`, `push PIDString`, and `push 0x1` to `mov edx, 0x8`, `mov ecx, PID` and `mov ebx, 1` – Tiondel Apr 30 '22 at 11:43
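A corrected 32-bit Linux version of the program, added here as an example and not code from the question or from the comments: it zeroes EDX before every `div`, converts with `add dl, '0'` instead of the lookup table, and passes the `write` arguments in EBX/ECX/EDX as the comments describe. The buffer and label names (`PIDBuf`, `.convert`) are my own; build with the same `nasm -f elf32` / `ld -m elf_i386` commands as above.

```nasm
SECTION .data
PIDString  db "PID: "
PIDLength  equ $-PIDString    ; assemble-time length of the prefix

SECTION .bss
PIDBuf:    resb 12            ; room for 10 decimal digits + newline (buffer name is mine)

SECTION .text
global _start
_start:
    mov   eax, 20             ; sys_getpid
    int   0x80                ; PID returned in EAX
    mov   ebx, 10             ; divisor
    lea   edi, [PIDBuf+11]    ; last byte of the buffer
    mov   byte [edi], 0x0A    ; newline goes after the digits

.convert:                     ; store digits from the end backwards
    xor   edx, edx            ; zero the high half of the dividend BEFORE div
    div   ebx                 ; EAX = quotient, EDX = remainder (0..9)
    add   dl, '0'             ; decimal digits are contiguous in ASCII
    dec   edi
    mov   [edi], dl
    test  eax, eax
    jnz   .convert            ; loop until the quotient is zero

    ; write(1, PIDString, PIDLength): fd in EBX, buffer in ECX, length in EDX
    mov   eax, 4
    mov   ebx, 1
    mov   ecx, PIDString
    mov   edx, PIDLength
    int   0x80                ; EDI survives: Linux only clobbers EAX on int 0x80

    ; write(1, first_digit, end - first_digit): length includes the newline
    mov   eax, 4
    mov   ebx, 1
    mov   ecx, edi            ; EDI points at the first (most significant) digit
    lea   edx, [PIDBuf+12]
    sub   edx, edi            ; runtime length, not an equ constant
    int   0x80

    ; exit(0)
    mov   eax, 1
    xor   ebx, ebx
    int   0x80
```

Running it under `strace` as suggested should now show two `write(1, ...)` calls with a non-zero length instead of `write(10, "", 0)`.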