calculator.asm

1. BITS 64
2.  
3. global start
4.  
5. section .text
6.  
7. start:
8.     ; \x48\x31\xd2\x52\x48\xbf\x6c\x63\x75\x6c\x61\x74\x6f\x72\x57\x48\xbf\x61\x63\x4f\x53\x2f\x2f\x43\x61\x57\x48\xbf\x74\x65\x6e\x74\x73\x2f\x2f\x4d\x57\x48\xbf\x2e\x61\x70\x70\x2f\x43\x6f\x6e\x57\x48\xbf\x6c\x63\x75\x6c\x61\x74\x6f\x72\x57\x48\xbf\x74\x69\x6f\x6e\x73\x2f\x43\x61\x57\x48\xbf\x2f\x41\x70\x70\x6c\x69\x63\x61\x57\x48\x89\xe7\x52\x57\x48\x89\xe6\x48\x31\xc0\xb0\x02\x48\xc1\xc8\x28\xb0\x3b\x0f\x05
9.     ; execve("/Applications/Calculator.app/Contents//MacOS//Calculator",
10.     ;        {"/Applications/Calculator.app/Contents//MacOS//Calculator", NULL},
11.     ;        NULL)
12.  
13.     ; rdx = 0
14.     xor     rdx, rdx
15.  
16.     ; rdi = "/Applications/Calculator.app/Contents//MacOS//Calculator"
17.     push    rdx
18.     mov     rdi, 0x726f74616c75636c
19.     push    rdi
20.     mov     rdi, 0x61432f2f534f6361
21.     push    rdi
22.     mov     rdi, 0x4d2f2f73746e6574
23.     push    rdi
24.     mov     rdi, 0x6e6f432f7070612e
25.     push    rdi
26.     mov     rdi, 0x726f74616c75636c
27.     push    rdi
28.     mov     rdi, 0x61432f736e6f6974
29.     push    rdi
30.     mov     rdi, 0x6163696c7070412f
31.     push    rdi
32.     mov     rdi, rsp
33.  
34.     ; rsi = {"/Applications/Calculator.app/Contents//MacOS//Calculator", NULL}
35.     push    rdx
36.     push    rdi
37.     mov     rsi, rsp
38.  
39.     ; store syscall number on RAX
40.     xor     rax,rax                 ;zero out RAX
41.     mov     al,2                    ;put 2 to AL -> RAX = 0x0000000000000002
42.     ror     rax, 0x28               ;rotate the 2 -> RAX = 0x0000000002000000
43.     mov     al,0x3b                 ;move 3b to AL (execve SYSCALL#) -> RAX = 0x000000000200003b
44.     syscall                         ;trigger syscall