
I have been trying to manipulate a string in my .s file. I want the variable "pa", which contains "/bin/bash", to be transformed into "/bin/sh", and then I want to make a system call that executes "/bin/sh". I have written a print mechanism to make sure that "pa" contains "/bin/bash".

I have tried to do this

```nasm
mov eax,pa
mov [eax+5],[eax+7]  ; /bin/bash becomes /bin/sash\0
mov [eax+6],[eax+8]  ; /bin/sash becomes /bin/shsh\0
mov [eax+7],[eax+9]  ; /bin/shsh becomes /bin/sh\0
```

but I guess that's not the way it works. I am new to NASM.

Please help me out.

The entire code snippet is below:

```nasm
section .data
%defstr path %!SHELL
pa db path,10
palen  equ $-pa

section .text
global _start
_start:
        mov eax,pa
        mov [eax+5],[eax+7]  ; /bin/bash becomes /bin/sash\0
        mov [eax+6],[eax+8]  ; /bin/sash becomes /bin/shsh\0
        mov [eax+7],[eax+9]  ; /bin/shsh becomes /bin/sh\0
        mov eax,4            ; The system call for write (sys_write)
        mov ebx,1            ; File descriptor 1 - standard output
        mov ecx,pa
        mov edx,palen
        int 80h


        mov eax,1            ; The system call for exit (sys_exit)
        mov ebx,0            ; Exit with return code of 0 (no error)
        int 80h
```
Hitesh Dharamdasani
  • I'm not familiar with ASM on Linux, but I note that you're passing `palen` as the length, even though the command you're passing is two characters shorter. Should you instead pass `palen - 2`? – Jim Mischel Sep 26 '11 at 19:51
  • That is just to print it. If you can help me with the way I am addressing the eax register after the `mov eax,pa` instruction, I can try and get it right, because as far as I can think, I am making a mistake with the addressing. – Hitesh Dharamdasani Sep 26 '11 at 20:21
  • `hitesh@hitesh-Studio-XPS-1340:~$ nasm -f elf sample.s`
    `sample.s:12: error: invalid combination of opcode and operands`
    `sample.s:13: error: invalid combination of opcode and operands`
    `sample.s:14: error: invalid combination of opcode and operands` – Hitesh Dharamdasani Sep 26 '11 at 20:31

1 Answer

It's been a while since I worked with ASM, and I'm not really familiar with NASM, so I could be wrong here. But you might want to give it a shot...

The problem is that you can't do a memory-to-memory move like that.

Try this:

```nasm
mov bx,[eax+7]          ; load the two bytes "sh" (offsets 7 and 8) into a 16-bit register
mov [eax+5],bx          ; store them over "ba" at offsets 5 and 6: "/bin/shsh"
mov byte [eax+7], 0     ; terminate after "sh": "/bin/sh"
```

In the future, it would be helpful if you let us know that you were getting an assembler error rather than incorrect output.

Jim Mischel
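A complete program that applies the answer's point (x86 has no memory-to-memory `mov`, so each byte must be staged through a register) and then does what the question asked for, namely executing the rewritten "/bin/sh" via `execve`. This is an added example, not code from the question or the answer. It assumes 32-bit Linux with `int 80h` system calls (sys_write = 4, sys_execve = 11, sys_exit = 1), and it hard-codes "/bin/bash" instead of using `%defstr path %!SHELL`, because byte offsets 5..9 are only valid when the string is known to be "/bin/bash" at assembly time; with `%!SHELL` the offsets depend on whatever `$SHELL` was when `nasm` ran. The `argv` table is an addition needed by `execve`.

```nasm
; Added example: rewrite "/bin/bash" in place to "/bin/sh", print it, exec it.
; Assumes 32-bit Linux. Build and run with:
;   nasm -f elf32 sh.s && ld -m elf_i386 -o sh sh.o && ./sh

section .data
pa      db "/bin/bash", 10      ; offsets: 0 '/' 1 'b' 2 'i' 3 'n' 4 '/' 5 'b' 6 'a' 7 's' 8 'h' 9 '\n'
palen   equ $-pa
argv    dd pa, 0                ; argv[] for execve: {pa, NULL}; pa is "/bin/sh" by then

section .text
global _start
_start:
        mov eax, pa

        ; No memory-to-memory mov exists; go through a byte register.
        mov bl, [eax+7]         ; 's'
        mov [eax+5], bl         ; "/bin/sash\n"
        mov bl, [eax+8]         ; 'h'
        mov [eax+6], bl         ; "/bin/shsh\n"
        mov byte [eax+7], 10    ; "/bin/sh\nh\n": newline so the printed check ends a line

        ; Print just the 8 bytes "/bin/sh\n" (the original code printed all palen bytes,
        ; which would include the leftover "h\n" after the terminator).
        mov eax, 4              ; sys_write
        mov ebx, 1              ; stdout
        mov ecx, pa
        mov edx, 8
        int 80h

        ; execve needs a NUL-terminated path, so replace the newline with 0.
        mov byte [pa+7], 0      ; "/bin/sh\0h\n"
        mov eax, 11             ; sys_execve
        mov ebx, pa             ; pathname
        mov ecx, argv           ; argv = {"/bin/sh", NULL}
        xor edx, edx            ; envp = NULL (accepted by Linux)
        int 80h

        ; Only reached if execve failed (e.g. /bin/sh missing).
        mov eax, 1              ; sys_exit
        mov ebx, 1              ; non-zero status signals the failure
        int 80h
```

Two things worth checking when adapting this: `.data` is writable, so the in-place patch works, but the same stores would fault if the string lived in `.rodata` or `.text`; and because the string is patched before `argv[0]` is used, the shell sees itself invoked as `/bin/sh`, which matters for shells that change behaviour based on `argv[0]`.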