1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
/* small test program for the lime c interface
*/
#include "int80.h"
#include "lime-interface.h"
static unsigned long helloworld (void);
int
main (int argc, char *argv[])
{
void (* code_f)(void);
unsigned int code_len;
unsigned char code[4096 + 128];
unsigned long addr;
int n;
for (n = 0 ; n < sizeof (code) ; ++n)
code[n] = 0x00;
write (2, "plain: ", 6);
addr = helloworld ();
code_len = lime_generate ((void *) addr,
50,
&code[0], (unsigned long int) &code[0]);
write (2, "limed\n", 6);
code_f = (void (*)(void)) &code[0];
code_f ();
return (0);
}
static unsigned long
helloworld (void)
{
unsigned long address;
__asm__ __volatile__ ("
.global tlab0
.global tlab3
call tlab4
tlab4: popl %%eax
addl $(tlab0 - tlab4), %%eax
jmp tlab3
tlab0: pushf
pusha
movl $0x4, %%eax
movl $0x2, %%ebx
movl $12, %%edx
call tlab1
.asciz \"hello world\\n\"
tlab1: popl %%ecx
int $0x80
tlab2: popa
popf
ret
tlab3: nop"
: "=a" (address) : : "%ebx", "%ecx", "%edx");
return (address);
}
|
