From 2d6d14a87afdb0eb4a4d81fd981cd825cd2c7824 Mon Sep 17 00:00:00 2001
From: Matt Hunter
Date: Sun, 14 Sep 2025 11:52:39 -0400
Subject: Statically define socket endpoint

Instead of opening and reading a sockaddr_in struct from an external file at runtime, define this data in the executable with constants. Furthermore, arrange to store this data in a yet unused portion of the main ELF header so it effectively consumes no additional space. It overlaps the ELF "shoff" and "flags", and the program header "align" fields. The full size of struct sockaddr_in is actually 16 bytes, but the last 8 bytes are padding, and failing to zero them out appears to have no adverse effect on behavior. So this padding area will just be populated by the next few fields in the ELF header, interpreted as garbage. In the program code, remove the initial syscalls for open() and read() and their associated error checking. Also remove the error check after connect(), as the program will properly exit without performing any IO without it. Going forward, we make no guarantees about lace's exit status.
Signed-off-by: Matt Hunter
---
 lace_x86.asm | 63 +++++++++++++-------------------------------
 sockaddr_127-0-0-1_1337.bin | Bin 16 -> 0 bytes
 2 files changed, 19 insertions(+), 44 deletions(-)
 delete mode 100644 sockaddr_127-0-0-1_1337.bin
diff --git a/lace_x86.asm b/lace_x86.asm
index 12fc1b0..77e8ce9 100644
--- a/lace_x86.asm
+++ b/lace_x86.asm
@@ -1,5 +1,8 @@
 BITS 32
+%define PORT 0x3905 ; TCP port 1337
+%define ADDRESS 0x0100007f ; 127.0.0.1
+ org 0x00010000 ; Memory load location
 ; ELF HEADER CONTENT PROGRAM HEADER TBL ENTRY CONTENT
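Review bot: The new `%define PORT 0x3905` and `%define ADDRESS 0x0100007f` lines carry comments that give the host-order meaning but not the trick that makes the constants correct, which is that `dw`/`dd` emit them little-endian so the bytes land in the file in network order (05 39 and 7f 00 00 01). A reader who later changes the endpoint will otherwise write `1337` or `0x7f000001` and produce a sockaddr that quietly points somewhere else. I would extend the comments to `; 1337 as htons(): dw emits bytes 05 39` and `; 127.0.0.1: dd emits bytes 7f 00 00 01 (network order)`.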
@@ -24,14 +27,11 @@ BITS 32
 db 0x00 ; | |
 db 0x00 ; | |
 db 0x00 ; | |
- db 0x00 ; shoff: 0 (File offset)** align: 0 (No alignment constraints)
- db 0x00 ; | |
+sockaddr:
+ db 0x02 ; shoff: ??? (File offset)** align: ???
 db 0x00 ; | |
- db 0x00 ; | |
- db 0x00 ; flags: 0
- db 0x00 ; |
- db 0x00 ; |
- db 0x00 ; |
+ dw PORT ; | |
+ dd ADDRESS ; flags: ???
 db 0x34 ; ehsize: 52
 db 0x00 ; |
 db 0x20 ; phentsize: 32
@@ -69,76 +69,51 @@ BITS 32
 ; larger than that of the actual output file is of no consequence.
 _start:
- xor edx, edx ; open(argv[1], 0, 0)
- xor ecx, ecx
- mov ebx, [esp+8]
- xor eax, eax
- mov al, 5
- int 0x80
-
- cmp eax, 0 ; if fail, exit(1)
- mov bl, 1
- jl exit
-
- mov dl, 16 ; read(argv[1], sockaddr, sizeof(sockaddr))
- mov ecx, esp
- mov ebx, eax
- mov al, 3
- int 0x80
-
- cmp eax, 16 ; if fail, exit(2)
- mov bl, 2
- jne exit
-
- push 0 ; socket(AF_INET, SOCK_STREAM, 0)
+ push 0 ; socket(AF_INET, SOCK_STREAM, 0)
 push 1
 push 2
 mov ecx, esp
- mov bl, 1
+ mov bl, 0x01
 mov al, 0x66
 int 0x80
- push 16 ; connect(sock, sockaddr, sizeof(sockaddr))
- lea ecx, [esp+16]
+ push 16 ; connect(fd, sockaddr, sizeof(sockaddr))
+ lea ecx, sockaddr
 push ecx
 push eax
 mov ecx, esp
- mov bl, 3
+ mov bl, 0x03
 mov al, 0x66
 int 0x80
- cmp eax, 0 ; if fail, exit(3)
- mov bl, 3
- jne exit
-
- xor esi, esi ; pipe(sock_fd, stdin)
+ xor esi, esi ; pipe(sock_fd, stdin)
 pop edi
 call pipe
- inc esi ; pipe(stdout, sock_fd)
+ inc esi ; pipe(stdout, sock_fd)
 xchg edi, esi
 call pipe
- xor ebx, ebx ; exit(0)
+ xor ebx, ebx ; exit(0)
 jmp exit
 pipe:
- mov dl, 0xff ; read(src, buff, sizeof(buff))
+ mov dl, 0xff ; read(src, buff, sizeof(buff))
 lea ecx, [esp+4]
 mov ebx, esi
 mov al, 3
 int 0x80
- cmp eax, 0 ; if finished/error, return
 jg pipe_cont
 ret
 pipe_cont:
- mov edx, eax ; write(dst, buff, nb)
+ mov edx, eax ; write(dst, buff, nb)
 mov ebx, edi
 mov al, 4
 int 0x80
- jmp pipe ; loop
+ jmp pipe ; loop
 exit:
 xor eax, eax
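Review bot: The `shoff: ???`, `align: ???` and `flags: ???` comments on the new `sockaddr` bytes leave the reader to work out what the loader now sees in the overlaid fields: the bytes 02 00 05 39 make e_shoff (and the program header's align field that shares those bytes) 0x39050002, the bytes 7f 00 00 01 make e_flags 0x0100007f, and because `push 16` still passes the full struct length, the eight header bytes that follow (`ehsize` onward) are what connect() receives as sin_zero. That the loader tolerates these values and that AF_INET connect() does not inspect sin_zero are the assumptions the commit message calls "appears to have no adverse effect", and they belong in the file rather than behind `???`, e.g. `; sin_family=AF_INET; overlays e_shoff/p_align, which the loader must ignore` on the `db 0x02` line and `; sin_zero = next 8 header bytes (ehsize..); not inspected by AF_INET connect()` after `dd ADDRESS`. Tools that read section headers (readelf, objdump) may now also reject the bogus e_shoff, which is worth a one-line note if the binary is meant to be inspected with them.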
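Review bot: With `xor eax, eax` and `xor edx, edx` removed from `_start`, the byte writes `mov al, 0x66`, `mov bl, 0x01` and `mov dl, 0xff` now depend on eax, ebx and edx being zero when the kernel enters this static i386 binary, and nothing in the file records that; a comment at `_start:` such as `; relies on the i386 ELF entry state: eax/ebx/edx are zero here` would keep the next edit from breaking it. The dropped connect() check rests on a similar accident: on failure eax holds -errno, so `mov al, 3` in `pipe` forms an out-of-range syscall number, `int 0x80` returns -ENOSYS, `jg pipe_cont` is not taken and `pipe` returns at once, which is why the process still reaches `exit` without doing I/O. `push eax` followed by `mov al, 0x66` likewise assumes the socket fd is below 256. I would state both after the connect() `int 0x80`, e.g. `; no error check: on failure eax=-errno turns the next mov al,3 into an invalid syscall, so pipe returns immediately`.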
diff --git a/sockaddr_127-0-0-1_1337.bin b/sockaddr_127-0-0-1_1337.bin
deleted file mode 100644
index 8078d06..0000000
Binary files a/sockaddr_127-0-0-1_1337.bin and /dev/null differ
--
cgit v1.2.3