Trying to get args and call sys_execve

[cristi92b]

Hello everyone,

I'm trying to write a program that takes two arguments : the path of an executable file and the parameter to launch that executable with.
For example:

Code: [Select]

$ ./program /bin/ping 127.0.0.1
The "check_argc" part seem to work, but the "do_execve" part does not seem to do anything.
Can you please tell me what am I doing wrong?

Code: [Select]

global main

section .text
main:
  push ebp
  mov ebp, esp
check_argc:
  mov eax, [ebp + 8] ; eax <- argc
  cmp eax, 1
  jg do_execve
  jmp done
do_execve:
  mov eax,11 ; linux system call number (11) - sys_execve
  mov ebx,[ebp+16] ; ebx <- argv[1]
  lea ecx,[ebp+16] ; ebx <- &argv[1]
  xor edx,edx
  int 0x80
done:
  leave
  ret

[Frank Kotler]

Well... with a C-style "main", "argc" is at [ebp + 8]. So far so good. The next parameter is at... [ebp + 12]. Oops. And it's "**argv", so we want to dereference it. This works for me:

Code: [Select]

global main

section .text
main:
  push ebp
  mov ebp, esp
check_argc:
  mov eax, [ebp + 8] ; eax <- argc
  cmp eax, 1
  jg do_execve
  jmp done
do_execve:
  mov eax,11 ; linux system call number (11) - sys_execve
  mov ebx,[ebp+12] ; ebx <- argv[1]
  mov ebx, [ebx + 4]
  mov ecx,[ebp+12] ; ebx <- &argv[1]
  add ecx, 4
  xor edx,edx
  int 0x80
done:
  leave
  ret

If you start with "_start:" as an entrypoint and don't do the C startup code, the stack is slightly different...

Best,
Frank

[cristi92b]

Thank you very much!!!