NASM elf64 Object File (*.o) to bcc64 *.o to win64 .exe file

[alCoPaUL]

So I was just interested in getting my own personal, not for profit, working Turbo Assembler SDK and stumbled across ilink64.exe in the Trial Distribution of Embarcadero's C++ Builder in RAD Studio 11.3.

I wondered what if I can use NASM for 64-bit Assembly to be paired with The TASM Linker for 64-bit Assembly via bcc64 since the new owners of the software just kept TASM32 to version 5.4 and didn't even bother to make it 64-bit compliant.

so the code works using the instructions..

Code: [Select]

;
; nasmtasm.asm
;
; by alCoPaUL [GIMO] 6/17/2023 NYC
;
; nasm -f elf64 nasmtasm.asm
; bcc64 nasmtasm.o
;
global main
extern printf
section .text
main:sub rsp,28h
lea rdx,x
lea rcx,i
call printf
add rsp,28h
ret
section .data
i:db 25h,73h,0
x:db 27h,'Thereupon he pulled out of his pocket a purse full of gold, ordered liquor, nuts and gingerbread. All was ready in a trice, and he began treating the lads and lasses, giving each a share. Then he took to dancing. Why, it was a treat to look at him! Marusia struck his fancy more than anyone else; so he stuck close to her. The time came for going home.',27h,0

the entrypoint of the assembly language source code has to be "main" for bcc64 to properly link the object file..

and it works..

(EDIT: 6/18/2023 = the colon ( : ) between x and db disappeared and has been restored)

[alCoPaUL]

the resulting executable is 400K bytes tho so prettysure you can bring that down significantly by directly using ilink64.exe..

[alCoPaUL]

if done with appropriate /asm link, the resulting size should be ~ 4k bytes..

but 400k bytes?!?!

likely the created executable carries its libraries to be portable in .exe form (not sure but just a quick hypothesizing)

but this +396K bytes could be meme-d like a big wrapper/"crypter"/engulfer code housing the main .asm code..

at least the resultant code is in x64/win64..

[alCoPaUL]

Sample Code

Tools' Specs
NASM version 2.16.01
Embarcadero C++ Builder in RAD Studio 11.3 (I used the appropriate executables in the Trial version)

And this Win64 Quine below Should Work..

Code: [Select]

;
; csp.asm
;
; alCoPaUL [GIMO][As][aBrA][NPA][b8][BCVG][rRlf]
; 10/5/2021 .revision = 6/17/2023
;
; nasm -f elf64 csp.asm
; bcc64 csp.o
;
global main
extern printf
section .text
main:sub rsp,28h
mov al,10
mov bl,95
z:lea r9,a
mov dx,492
r:cmp byte[r9],bl
je s
jmp u
s:mov byte[r9],al
u:inc r9
dec dx
cmp dx,0
jnz r
lea rdx,a
lea rcx,i
call printf
mov al,10
cmp bl,95
xchg al,bl
je z
lea rdx,x
lea rcx,i
call printf
add rsp,28h
ret
section .data
x:db 2Ch,32h,37h,68h,2Ch,30h,0
i:db 25h,73h,0
a:db ';_; csp.asm_;_; alCoPaUL [GIMO][As][aBrA][NPA][b8][BCVG][rRlf]_; 10/5/2021 .revision = 6/17/2023_;_; nasm -f elf64 csp.asm_; bcc64 csp.o_;_global main_extern printf_section .text_main:sub rsp,28h_mov al,10_mov bl,95_z:lea r9,a_mov dx,492_r:cmp byte[r9],bl_je s_jmp u_s:mov byte[r9],al_u:inc r9_dec dx_cmp dx,0_jnz r_lea rdx,a_lea rcx,i_call printf_mov al,10_cmp bl,95_xchg al,bl_je z_lea rdx,x_lea rcx,i_call printf_add rsp,28h_ret_section .data_x:db 2Ch,32h,37h,68h,2Ch,30h,0_i:db 25h,73h,0_a:db ',27h,0

db @ a: should be in full straight line..

CMD Windows Console Height X Width = 39 x 159

finally, just some..

C:\>csp.exe <enter>

or

C:\>csp.exe > csp_src.txt <enter>

for the win..

(and that's the half step to pwnquine all Linux distros ---> with printf())

[alCoPaUL]

yes, finally, a quine for all Linux distros with the UNIX C Standard Library..

and it's 64-bit..

Code: [Select]

;
; pwnquinuxx.asm
;
; by alCoPaUL [GIMO][As][aBrA][NPA][b8][BCVG][rRlf]
; June 18, 2023 NYC
;
; nasm <dash>f elf64 pwnquinuxx.asm
; gcc <dash>o pwnquinuxx pwnquinuxx.o
;
global main
extern printf
section .text
main:push rbx
mov cl,10
mov bl,45
z:lea r9,[a]
mov dx,612
r:cmp byte[r9],bl
je s
jmp u
s:mov byte[r9],cl
u:inc r9
dec dx
cmp dx,0
jnz r
lea rdi,[i]
lea rax,[a]
mov rsi,rax
xor rax,rax
call printf wrt ..plt
mov cl,10
cmp bl,45
xchg cl,bl
je z
lea rdi,[i]
lea rax,[x]
mov rsi,rax
xor rax,rax
call printf wrt ..plt
pop rbx
ret
section .data
default rel
x:db 2Ch,32h,37h,68h,2Ch,30h,0
i:db 25h,73h,0
a:db ';-; pwnquinuxx.asm-;-; by alCoPaUL [GIMO][As][aBrA][NPA][b8][BCVG][rRlf]-; June 18, 2023 NYC-;-; nasm <dash>f elf64 pwnquinuxx.asm-; gcc <dash>o pwnquinuxx pwnquinuxx.o-;-global main-extern printf-section .text-main:push rbx-mov cl,10-mov bl,45-z:lea r9,[a]-mov dx,612-r:cmp byte[r9],bl-je s-jmp u-s:mov byte[r9],cl-u:inc r9-dec dx-cmp dx,0-jnz r-lea rdi,[i]-lea rax,[a]-mov rsi,rax-xor rax,rax-call printf wrt ..plt-mov cl,10-cmp bl,45-xchg cl,bl-je z-lea rdi,[i]-lea rax,[x]-mov rsi,rax-xor rax,rax-call printf wrt ..plt-pop rbx-ret-section .data-default rel-x:db 2Ch,32h,37h,68h,2Ch,30h,0-i:db 25h,73h,0-a:db ',27h,0

./pwnquinuxx or ./pwnquinuxx > pwnquinuxx_src3.txt for the lelz.

[alCoPaUL]

file attached , just in case your computer is in borkbork mode..

[alCoPaUL]

works on BSD

[alCoPaUL]

file splitted coz of size limit..

[alCoPaUL]

The BSD Quine - Final Edition

Tools Used:

NASM version in GhostBSD is 2.16.01 (May 13, 2023)
Clang in GhostBSD is FreeBSD Clang (LLVM) version 15.0.7
 

Code: [Select]

;
; quineB_S_D.asm
;
; by alCoPaUL [GIMO][As][aBrA][NPA][b8][BCVG][rRlf]
; June 21, 2023 NYC
;
; nasm <dash>f elf64 quineB_S_D.asm
; cc <dash>o quineB_S_D quineB_S_D.o
;
global main
extern printf
section .text
main:push rbx
mov cl,10
mov bl,45
z:lea r9,[a]
mov dx,610
r:cmp byte[r9],bl
je s
jmp u
s:mov byte[r9],cl
u:inc r9
dec dx
cmp dx,0
jnz r
lea rdi,[i]
lea rax,[a]
mov rsi,rax
xor rax,rax
call printf wrt ..plt
mov cl,10
cmp bl,45
xchg cl,bl
je z
lea rdi,[i]
lea rax,[x]
mov rsi,rax
xor rax,rax
call printf wrt ..plt
pop rbx
ret
section .data
default rel
x:db 2Ch,32h,37h,68h,2Ch,30h,0
i:db 25h,73h,0
a:db ';-; quineB_S_D.asm-;-; by alCoPaUL [GIMO][As][aBrA][NPA][b8][BCVG][rRlf]-; June 21, 2023 NYC-;-; nasm <dash>f elf64 quineB_S_D.asm-; cc <dash>o quineB_S_D quineB_S_D.o-;-global main-extern printf-section .text-main:push rbx-mov cl,10-mov bl,45-z:lea r9,[a]-mov dx,610-r:cmp byte[r9],bl-je s-jmp u-s:mov byte[r9],cl-u:inc r9-dec dx-cmp dx,0-jnz r-lea rdi,[i]-lea rax,[a]-mov rsi,rax-xor rax,rax-call printf wrt ..plt-mov cl,10-cmp bl,45-xchg cl,bl-je z-lea rdi,[i]-lea rax,[x]-mov rsi,rax-xor rax,rax-call printf wrt ..plt-pop rbx-ret-section .data-default rel-x:db 2Ch,32h,37h,68h,2Ch,30h,0-i:db 25h,73h,0-a:db ',27h,0


[alCoPaUL]

All of Linux Distros 32-bit Quine (will generate 'WARNINGS' when Linking)

Tools Used (Under Ubuntu)

NASM 2.15.05
gcc 11.3.0

Code: [Select]

;
; pwnqui386nuxx.asm
;
; by alCoPaUL [GIMO][As][aBrA][NPA][b8][BCVG][rRlf]
; 6/24/2023 NYC
;
; nasm <dash>f elf32 pwnqui386nuxx.asm
; gcc <dash>m32 <dash>o pwnqui386nuxx pwnqui386nuxx.o
;
;
global main
extern printf
section .text
main:
enter 0,0
mov al,10
mov bl,45
z:lea edx,[a]
mov cx,538
r:cmp byte [edx],bl
je s
jmp u
s:mov byte [edx],al
u:inc edx
dec cx
cmp cx,0
jnz r
push a
push i
call printf
mov al,10
cmp bl,45
xchg al,bl
je z
push x
push i
call printf
leave
ret
section .data
x:db 2Ch,32h,37h,68h,2Ch,30h,0
i:db 25h,73h,0
a:db ';-; pwnqui386nuxx.asm-;-; by alCoPaUL [GIMO][As][aBrA][NPA][b8][BCVG][rRlf]-; 6/24/2023 NYC-;-; nasm <dash>f elf32 pwnqui386nuxx.asm-; gcc <dash>m32 <dash>o pwnqui386nuxx pwnqui386nuxx.o-;-;-global main-extern printf-section .text-main:-enter 0,0-mov al,10-mov bl,45-z:lea edx,[a]-mov cx,538-r:cmp byte [edx],bl-je s-jmp u-s:mov byte [edx],al-u:inc edx-dec cx-cmp cx,0-jnz r-push a-push i-call printf-mov al,10-cmp bl,45-xchg al,bl-je z-push x-push i-call printf-leave-ret-section .data-x:db 2Ch,32h,37h,68h,2Ch,30h,0-i:db 25h,73h,0-a:db ',27h,0

must install 32-bit build-essential linkers

Code: [Select]


ubuntu (debian variants)
sudo apt-get install libc6-dev-i386

fedora (red hat variants)
sudo dnf -y install glibc-devel.i686



[alCoPaUL]

For BSD 32-bit via GhostBSD 10.3 i386

#fax about GhostBSD 10.3 i386
based on FreeBSD 10.3 codebase

Tools used under the OS

NASM v2.11.08
FreeBSD clang 3.4.1

Source

Code: [Select]

;
; pwn5_i386four.asm
;
; by alCoPaUL [GIMO][As][aBrA][NPA][b8][BCVG][rRlf]
; 6/25/2023 NYC
;
; nasm <dash>f elf32 pwn5_i386four.asm
; cc <dash>m32 <dash>o pwn5_i386four pwn5_i386four.o
;
;
global main
extern printf
section .text
main:
enter 0,0
mov al,10
mov bl,45
z:lea edx,[a]
mov cx,536
r:cmp byte [edx],bl
je s
jmp u
s:mov byte [edx],al
u:inc edx
dec cx
cmp cx,0
jnz r
push a
push i
call printf
mov al,10
cmp bl,45
xchg al,bl
je z
push x
push i
call printf
leave
ret
section .data
x:db 2Ch,32h,37h,68h,2Ch,30h,0
i:db 25h,73h,0
a:db ';-; pwn5_i386four.asm-;-; by alCoPaUL [GIMO][As][aBrA][NPA][b8][BCVG][rRlf]-; 6/25/2023 NYC-;-; nasm <dash>f elf32 pwn5_i386four.asm-; cc <dash>m32 <dash>o pwn5_i386four pwn5_i386four.o-;-;-global main-extern printf-section .text-main:-enter 0,0-mov al,10-mov bl,45-z:lea edx,[a]-mov cx,536-r:cmp byte [edx],bl-je s-jmp u-s:mov byte [edx],al-u:inc edx-dec cx-cmp cx,0-jnz r-push a-push i-call printf-mov al,10-cmp bl,45-xchg al,bl-je z-push x-push i-call printf-leave-ret-section .data-x:db 2Ch,32h,37h,68h,2Ch,30h,0-i:db 25h,73h,0-a:db ',27h,0

How To Pull It Off

1.) Text Editors Built-in The OS Cannot Implement ultra Long Texts (Even Copy/Paste will Auto Word Wrap any ultra Long text) so You Have To Save The uploaded to a file host Source Code From The Browser read as "RAW".
2.) once the source is saved, nasm and cc it with appropriate switches to pwn5_i386four.
3.) ./pwn5_i386four to run.
4.) ./pwn5_i386four > pwn2ndsrc.asm
5.) nasm and cc with appropriate switches the pwn2ndsrc.asm to confirm for successful roundtripping (and that is the 2nd saved source must be assembled and linked properly and run without errors).

GhostBSD Old Repo with i386 builds
https://sourceforge.net/projects/ghostbsdproject/files/release/i386/

~ alCoPaUL [GIMO][As][aBrA][NPA][b8][BCVG][rRlf], 6/25/2023 NYC