trying to emulate linux command in x86_64 assembly

starboy · 05-26-2019, 02:37 PM

I really need your help. so i am basicly trying to emulate Linux rm* command using assembly language :

when i ran strace on the command this is what i've got:

Code:

execve("/bin/rm", ["rm", "test1", "test2"], 0x7ffc85aaee50 /* 56 vars */) = 0
brk(NULL) = 0x556102fd1000
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=98111, ...}) = 0
mmap(NULL, 98111, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7ffbf7d17000
close(3) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260\34\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=2030544, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffbf7d15000
mmap(NULL, 4131552, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7ffbf7717000
mprotect(0x7ffbf78fe000, 2097152, PROT_NONE) = 0
mmap(0x7ffbf7afe000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1e7000) = 0x7ffbf7afe000
mmap(0x7ffbf7b04000, 15072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7ffbf7b04000
close(3) = 0
arch_prctl(ARCH_SET_FS, 0x7ffbf7d16540) = 0
mprotect(0x7ffbf7afe000, 16384, PROT_READ) = 0
mprotect(0x556102aee000, 4096, PROT_READ) = 0
mprotect(0x7ffbf7d2f000, 4096, PROT_READ) = 0
munmap(0x7ffbf7d17000, 98111) = 0
brk(NULL) = 0x556102fd1000
brk(0x556102ff2000) = 0x556102ff2000
openat(AT_FDCWD, "/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=4584960, ...}) = 0
mmap(NULL, 4584960, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7ffbf72b7000
close(3) = 0
ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
newfstatat(AT_FDCWD, "test1", {st_mode=S_IFREG|0664, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
geteuid() = 1000
newfstatat(AT_FDCWD, "test1", {st_mode=S_IFREG|0664, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
faccessat(AT_FDCWD, "test1", W_OK) = 0
unlinkat(AT_FDCWD, "test1", 0) = 0
newfstatat(AT_FDCWD, "test2", {st_mode=S_IFREG|0664, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
newfstatat(AT_FDCWD, "test2", {st_mode=S_IFREG|0664, st_size=0, ...}, AT_SYMLINK_NOFOLLOW) = 0
faccessat(AT_FDCWD, "test2", W_OK) = 0
unlinkat(AT_FDCWD, "test2", 0) = 0
lseek(0, 0, SEEK_CUR) = -1 ESPIPE (Illegal seek)
close(0) = 0
close(1) = 0
close(2) = 0
exit_group(0) = ?
+++ exited with 0 +++

here is the code i previously wrote

Code:

global _start

section .text

_start:



mov rax,	87	;sys_unlink
mov rdi, fname
syscall


exit:
mov rax,	60
mov rdi,	80
syscall

section .data

fname : db "test.txt",0

but as you can see i have to declare file name . and i don't wanna do that. now my assumption is to do something with getdents64 sys_call and list files in some buffer and then unlink them. but i don't actually know how to do that. any help would be appreciated. thank you

astrogeek · 05-26-2019, 03:03 PM

Welcome to LQ!

Please place your code snippets inside [CODE]...[/CODE] tags for better readability. You may type those yourself or click the "#" button in the edit controls.

berndbausch · 05-27-2019, 12:51 AM

The asterisk in rm * is interpreted by the shell. The shell performs a directory lookup, and you are right: It's probably getdents. You will have to open the current directory and use the file descriptor thus obtained to make the call to getdents. Then loop over the getdents results and unlink the names.

The getdents man page (see link above) contains a sample C program. I will leave it up to you to turn that into assembly code.

starboy · 06-02-2019, 04:17 PM

So i am trying to make a program that loops through directory, and deletes every file in it, so i am using getdents64 system call to do this. and since getdents returns number of bytes read from directory. i cannot loop through it. so i obviously need to point to the filename in a directory. but i really don't know how to do it,

this code will not work, when you run strace on it you will get this output, obiously i have put the output of a program running without a loop, you can guess what happens when i run it in a loop

strace output:

Code:

execve("./whiper", ["./whiper"], 0x7ffe7ac97400 /* 58 vars */) = 0
open("test", O_RDONLY)                  = 3
getdents64(3, /* 7 entries */, 2040)    = 224
close(3)                                = 0
unlink(0xe0)                            = -1 EFAULT (Bad address)
exit(80)                                = ?
+++ exited with 80 +++

and here is my code:

Code:

global _start

section .data

        dir : db "test",0
        len: equ 2040 		;define buffer size

section .bss
        buffer:  resb len 	


section .text

_start:

	
	;open folder
	mov rax,	2	;sys_open
	mov rdi,	dir	;folder to open
	mov rsi,	0 	;read only
	mov rdx,	0	
	syscall	

	cmp rax,	0       ;if there is no folder go to exit
	jbe exit
list:
	mov rdi,	rax 	;directory in rdi
	mov rax,	217	;sys_getdents64
	mov rsi,	buffer	
	mov rdx,	len     ;length of the 
	syscall
	
	xchg r10,	rax	;save buffer in r10 to loop through it
	xor rax,	rax 	;zero out rax for the next system call
close:
	mov rax,	3	;sys_close
	syscall
unlink:
	cmp r10,	0	;if done, exit the program
	jbe exit    
	mov rax,	87	;sys_unlink
	mov rdi,	r10   	;list of files 
	syscall
	jmp unlink	

exit:
	mov rax,	60 	;sys_exit
	mov rdi,	80
	syscall

astrogeek · 06-02-2019, 06:05 PM

Please post your thread only once. Posting a single thread in the most relevant forum will make it easier for members to help you and will keep the discussion in one place. This thread is being merged with your previous thread of same subject.