If I had an instruction like 00010101 for example, and I had it in RAM for programs to access, how would I be able to execute that instruction in assembly language without using OS functions? I am using FASM for Intel. Thanks.

EDIT: I know this is really crappy code, I haven't even assembled it yet and I know a lot is wrong, but keep in mind this is for learning purposes. This is the part of the code that loads a file with binary instructions and stores it in RAM. Once again I know it is very crappy.

loadkernel:
    mov dx, 1F7h        ; ATA primary status register
    in al, dx           ; port input goes through AL, with the port number in DX
    bt ax, 6            ; copies bit 6 of AL (drive ready) into the carry flag (CF)
    jnc loadkernel      ; if bit 6 is not set, the drive is not ready yet: poll again
    clc                 ; clear carry flag

beginload:
    mov eax, 300h       ; starting point of the kernel in memory
    mov ecx, eax        ; copy the starting point of the kernel in memory to ecx
    xor ebx, ebx        ; clear (ebx is the offset into the destination buffer)
    xor edx, edx        ; clear

    mov al, 0
    mov dx, 1F4h
    out dx, al          ; give the hard drive the low address of the location of the kernel
    mov dx, 1F5h
    out dx, al          ; give the hard drive the high address of the location of the kernel

    mov dx, 1F0h        ; ATA data register

readloop:
    in ax, dx           ; read one 16-bit word from the hard drive
    mov [ebx + 300h], ax ; add kernel data to memory
    add ebx, 2          ; move the destination pointer forward by one word

    cmp ax, 0AA55h
    jnz readloop        ; if 0AA55h has not been reached yet, read the next data of the kernel

    jmp 300h            ; IP cannot be written with mov; jump so that the computer executes the kernel

2 Answers

Depending on your execution environment, you may have to disable (most) OS's Execute-Disable security for your program. This is put into place so that a vulnerable program is much harder to inject code into. If you're running in a freestanding environment such as DOS or your own kernel, this isn't anything to worry about.

Anyway, all you have to do is this:

mov ax,0x9090       ; 0x90 is the opcode for NOP
mov [code],ax       ; overwrite the 2-byte jmp below with two NOPs
code:
jmp  foo            ; this is a 2-byte opcode (so long as it does the "correct" behavior and generates a relative jmp)

bar:
hlt                 ; this will get executed "magically"

foo:
; won't get here
Earlz
  • That is very helpful, this is the fastest/only way? –  Aug 29 '12 at 01:30
  • @kjmcgrinder Of course, you'll want to copy all of your code at once and execute it all at once, but yes, depending on what you want to do. Also note that loading code like this invalidates caches and such and makes this even less performant, so write your code into memory once and don't write it again if not necessary – Earlz Aug 29 '12 at 03:24
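The hosted-OS counterpart of the Execute-Disable remark above, as an added example that is not part of either answer: on Linux/x86 (assumed), bytes are written into a read-write page and the page is then switched to read-execute before being called, so no page is ever writable and executable at the same time. The stub bytes and the `run_constant_stub` name are constructed for this illustration.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Constructed machine code: on x86 and x86-64 this is "mov eax, 42 ; ret". */
static const uint8_t STUB[] = { 0xB8, 0x2A, 0x00, 0x00, 0x00, 0xC3 };

typedef int (*stub_fn)(void);

/* Copies STUB into a fresh page, makes that page executable, and runs it.
 * Returns the stub's result (42), or -1 on a non-x86 CPU or if the kernel
 * refuses the mapping (e.g. a policy that forbids executable anonymous memory). */
int run_constant_stub(void)
{
#if !defined(__x86_64__) && !defined(__i386__)
    return -1;                      /* the bytes above are x86-only */
#else
    long page = sysconf(_SC_PAGESIZE);
    if (page <= 0) return -1;
    /* Step 1: map read-write only; the page is not executable while we write to it. */
    void *buf = mmap(NULL, (size_t)page, PROT_READ | PROT_WRITE,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED) return -1;
    memcpy(buf, STUB, sizeof STUB);
    /* Step 2: drop write and add execute. Jumping into the page before this
     * call would fault under Execute-Disable, which is the protection working. */
    if (mprotect(buf, (size_t)page, PROT_READ | PROT_EXEC) != 0) {
        munmap(buf, (size_t)page);
        return -1;
    }
    /* x86 keeps the instruction cache coherent with stores; on other ISAs this
     * flush is required after writing code, as the comment above hints. */
    __builtin___clear_cache((char *)buf, (char *)buf + sizeof STUB);
    stub_fn fn = (stub_fn)buf;
    int result = fn();
    munmap(buf, (size_t)page);      /* release the page once we are done */
    return result;
#endif
}

int main(void)
{
    printf("stub returned %d\n", run_constant_stub());
    return 0;
}
```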

Simply jump to the address where the instruction is stored.

akluth
  • Maybe you could provide some code ;-) And yes, even the address. You have to calculate it, this depends where you jump from. Of course the address has to be in the .code section, not in the .data section. – akluth Aug 28 '12 at 15:50
  • doesn't work on an operating system, once you defeat all of the protections then yes it is that trivial, write the instruction(s) somewhere and simply branch to them. This is a duplicate of a self-modifying code question – old_timer Aug 28 '12 at 21:39