Topic: Trying to get args and call sys_execve

cristi92b
Trying to get args and call sys_execve
« on: October 18, 2015, 08:02:15 PM »
Hello everyone,

I'm trying to write a program that takes two arguments: the path of an executable file and the parameter to launch that executable with.
For example:
Code:
$ ./program /bin/ping 127.0.0.1
The "check_argc" part seems to work, but the "do_execve" part does not seem to do anything.
Can you please tell me what I am doing wrong?

Code:
global main

section .text
main:
  push ebp
  mov ebp, esp
check_argc:
  mov eax, [ebp + 8] ; eax <- argc
  cmp eax, 1
  jg do_execve
  jmp done
do_execve:
  mov eax,11 ; linux system call number (11) - sys_execve
  mov ebx,[ebp+16] ; ebx <- argv[1]
  lea ecx,[ebp+16] ; ecx <- &argv[1]
  xor edx,edx
  int 0x80
done:
  leave
  ret

Frank Kotler (NASM Developer)
Re: Trying to get args and call sys_execve
« Reply #1 on: October 19, 2015, 03:15:43 AM »
Well... with a C-style "main", "argc" is at [ebp + 8]. So far so good. The next parameter is at... [ebp + 12]. Oops. And it's "**argv", so we want to dereference it. This works for me:
Code:
global main

section .text
main:
  push ebp
  mov ebp, esp
check_argc:
  mov eax, [ebp + 8] ; eax <- argc
  cmp eax, 1
  jg do_execve
  jmp done
do_execve:
  mov eax,11 ; linux system call number (11) - sys_execve
  mov ebx,[ebp+12] ; ebx <- argv (the char ** passed to main)
  mov ebx, [ebx + 4] ; ebx <- argv[1] (path of the program to execute)
  mov ecx,[ebp+12] ; ecx <- argv
  add ecx, 4 ; ecx <- &argv[1] (argv array for the new program)
  xor edx,edx ; edx <- NULL (empty environment)
  int 0x80
done:
  leave
  ret

If you start with "_start:" as an entrypoint and don't do the C startup code, the stack is slightly different...

Best,
Frank
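As an added example (not code from either poster), here is the same program written with a raw `_start` entry point, which is the "slightly different" stack Frank mentions: without the C startup code there is no return address or saved ebp, so argc sits directly at [esp] and the argv pointers follow it on the stack instead of being reached through a separate argv pointer. The file name `exec32.asm` and the exit codes are my own choices; the stack layout and the syscall numbers (11 = execve, 1 = exit) are the standard 32-bit Linux ones.

```nasm
; exec32.asm - run argv[1] with the remaining arguments, using _start (no libc)
; Stack as the kernel leaves it at _start (32-bit Linux):
;   [esp]     = argc
;   [esp+4]   = argv[0]   (our own name)
;   [esp+8]   = argv[1]   (path of the program to run)
;   [esp+12]  = argv[2]   ... then a NULL, then envp[]
; Build: nasm -f elf32 exec32.asm && ld -m elf_i386 -o exec32 exec32.o
; Usage: ./exec32 /bin/ping 127.0.0.1

global _start

section .text
_start:
    mov  eax, [esp]          ; eax <- argc
    cmp  eax, 2
    jl   .no_args            ; need at least one argument after our own name

    mov  eax, 11             ; sys_execve
    mov  ebx, [esp + 8]      ; ebx <- argv[1]  : path to execute
    lea  ecx, [esp + 8]      ; ecx <- &argv[1] : argv for the new program
    xor  edx, edx            ; edx <- NULL     : empty environment
    int  0x80
    ; execve only returns on failure; eax then holds -errno
    neg  eax                 ; exit status = errno (e.g. 2 = ENOENT, 13 = EACCES)
    mov  ebx, eax
    jmp  .exit

.no_args:
    mov  ebx, 1              ; exit status 1: nothing to run
.exit:
    mov  eax, 1              ; sys_exit
    int  0x80
```

Two things worth checking when you try this: execve only ever comes back on failure, so the instruction after `int 0x80` is the error path and the negated eax tells you why (a missing file gives 2, a non-executable file gives 13); and passing NULL in edx hands the new program an empty environment, so anything it expects from PATH or HOME will be absent unless you pass the inherited envp pointer (the word after the NULL that ends argv) instead.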

cristi92b
Re: Trying to get args and call sys_execve
« Reply #2 on: October 19, 2015, 07:46:30 AM »
Thank you very much!!!