Vulnerability Development: Re: shellcoding on gentoo

Re: shellcoding on gentoo

From: <security_at_spinfoo.net>
Date: Wed, 22 Feb 2006 23:42:44 +0100

Hi Borja,

On Mon, Feb 20, 2006 at 01:56:45AM +0100, Borja wrote:
> Hi
>
> Lot of ppl tell me that I did not properly zero the EAX register, so 3 MSB
> of eax corrupt trapping the syscall, but it's OK.
> I successfully run the shellcodes on a Debian box, but in Gentoo, always
> SEGFAULT.
>
> There is it, a new log:
>
> ------------------------------------------------------------------------------------------------------------------------------------------------------
>
> petalo shellcode # cat 1.asm
> BITS 32
>
> ;exit()
> xor eax,eax
> xor ebx,ebx
> mov eax,1
> int 0x80
>
> petalo shellcode # nasm -g -f elf 1.asm
> petalo shellcode # ld 1.o
> ld: warning: cannot find entry symbol _start; defaulting to 00000000080480a0
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

  The above line is self-explanatory: you forgot to add the _start symbol to
  your assembler program to let ld do its work properly. I suggest that you
  write your assembler programs in a more standard way (to avoid
  problems with different distros, etc.), that is:

  $ cat new1.asm
  Section .text
         global _start

  _start:
        xor ebx,ebx ;= mov ebx,0 | 31 db
        mov al,1 ;= mov eax,1 | b0 01
        int 0x80 ; | cd 80
                                  

  If you forget to add the _start symbol, the linker doesn't know when it has to
  start to read the code (instructions). This program should work on any
  Linux distro.
  Then:
  $ nasm -f elf new1.asm
  and get the opcodes.

  I hope that this helps you.
  
Received on Feb 22 2006
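
The quoted concern about the upper bytes of EAX, worked through as an added example (not part of the original post): a minimal Python emulator for only the opcodes that appear in this thread, showing that `mov al,1` yields syscall number 1 only when the rest of EAX is already zero. The `DIRTY` register value, the `ZEROED` variant and all function names are constructed for illustration.

```python
# Added example: emulate just the i386 opcodes seen in this thread and report
# what the kernel would find in eax/ebx when "int 0x80" is reached.
MASK32 = 0xFFFFFFFF
XOR_SELF = {0xC0: "eax", 0xDB: "ebx"}  # ModRM bytes for "xor eax,eax" / "xor ebx,ebx"
SYS_EXIT = 1

def run(code, eax=0, ebx=0):
    """Step through code; return (eax, ebx) at the first int 0x80."""
    regs = {"eax": eax & MASK32, "ebx": ebx & MASK32}
    pc = 0
    while pc < len(code):
        op = code[pc]
        if op == 0x31 and code[pc + 1] in XOR_SELF:    # xor reg,reg -> reg = 0
            regs[XOR_SELF[code[pc + 1]]] = 0
            pc += 2
        elif op == 0xB0:                                # mov al,imm8: low byte only
            regs["eax"] = (regs["eax"] & 0xFFFFFF00) | code[pc + 1]
            pc += 2
        elif op == 0xB8:                                # mov eax,imm32: all 32 bits
            regs["eax"] = int.from_bytes(code[pc + 1:pc + 5], "little")
            pc += 5
        elif op == 0xCD and code[pc + 1] == 0x80:       # int 0x80: syscall nr in eax
            return regs["eax"], regs["ebx"]
        else:
            raise ValueError(f"unsupported opcode {op:#04x} at offset {pc}")
    raise ValueError("no int 0x80 reached")

# Byte sequences taken from the opcode comments and listings in the thread.
NEW1 = bytes.fromhex("31db b001 cd80")              # new1.asm: xor ebx / mov al,1 / int
ORIG = bytes.fromhex("31c0 31db b801000000 cd80")   # 1.asm from the quoted message
# Constructed variant (assumption, not in the post): clear eax before mov al,1.
ZEROED = bytes.fromhex("31c0 31db b001 cd80")

DIRTY = 0xBFFFF5A4  # constructed leftover value standing in for an unknown eax

def is_exit_zero(code, eax=0, ebx=0):
    """True when the sequence ends up requesting exit(0)."""
    return run(code, eax, ebx) == (SYS_EXIT, 0)

if __name__ == "__main__":
    for name, code in (("NEW1", NEW1), ("ORIG", ORIG), ("ZEROED", ZEROED)):
        for start in (0, DIRTY):
            nr, arg = run(code, eax=start, ebx=7)
            print(f"{name:6} eax_in={start:#010x} -> syscall={nr:#010x} ebx={arg}")
```
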
