How to properly use the execve syscall in assembler?

Time: 2019-10-31 20:57:34

Tags: assembly x86-64 system-calls

My code:

section .data
    binsh: db "/bin/sh"

section .text
global start
start
    mov rax, 59 ; move syscall execve (59) to rax
    mov rdi, binsh ; command
    mov rsi, 0 ; argv
    mov rdx, 0 ; envp
    int 0x80
    mov rax, 60 ; move syscall exit (60) to rax
    mov rdi, 0 ; exit 0
    int 0x80

This does not work because I do not know how to use the execve syscall. strace shows:

execve("./first_assembler", ["./first_assembler"], [/* 67 vars */]) = 0
execve("/bin/sh", NULL, NULL)           = -1 EFAULT (Bad address)
exit(0)                                 = ?
<... exit resumed> strace: _exit returned!
)                    = ?
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0} ---
+++ killed by SIGSEGV (core dumped) +++

What is the correct usage of the execve syscall?

0 answers:

No answers
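
The calling convention the question asks about, as an added example that is not part of the original post: a standalone x86-64 Linux NASM program that uses the `syscall` instruction (not `int 0x80`, which enters the 32-bit ABI with different syscall numbers and argument registers), a NUL-terminated path, and a NULL-terminated `argv` array. The `argv` label, the `_start` entry point and the build commands in the comment are assumptions, not taken from the post.

```nasm
; Added example (not from the original post). Assumed build commands:
;   nasm -f elf64 execve.asm -o execve.o && ld execve.o -o execve

section .data
    binsh:  db "/bin/sh", 0     ; the path must end with a NUL byte
    argv:   dq binsh, 0         ; argv[] = { "/bin/sh", NULL } (label is an assumption)

section .text
global _start
_start:
    ; x86-64 Linux: syscall number in rax, arguments in rdi, rsi, rdx,
    ; entered with the `syscall` instruction.
    mov     eax, 59             ; execve in the 64-bit syscall table
    mov     rdi, binsh          ; arg 1: pathname
    mov     rsi, argv           ; arg 2: argv, NULL-terminated pointer array
    xor     edx, edx            ; arg 3: envp = NULL (empty environment)
    syscall

    ; execve returns only on failure, with -errno in rax.
    neg     eax                 ; turn -errno into a positive errno
    mov     edi, eax            ; report it as the exit status
    mov     eax, 60             ; exit in the 64-bit syscall table
    syscall
```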