D   A   T   A   W   O   K

Creation: January 01 1970
Modified: September 11 2018

ARM Linux Shellcode

Register conventions

Register  Alt. name  Usage
r0        a1         First function argument, integer function result
r1        a2         Second function argument
r2        a3         Third function argument
r3        a4         Fourth function argument
r4        v1         Register variable
r5        v2         Register variable
r6        v3         Register variable
r7        v4         Register variable, syscall no
r8        v5         Register variable
r9        v6 (rfp)   Register variable, real frame pointer
r10       sl         Stack limit
r11       fp         Frame (argument) pointer
r12       ip         Temporary workspace
r13       sp         Stack pointer
r14       lr         Link register
r15       pc         Program counter

First attempt

A simple shellcode that first calls the write syscall and then the exit one. Let's grep the syscall numbers.

TODO: look up the real ones from a distro

$ grep -w '__NR_write\|__NR_exit' /usr/include/asm/unistd.h
#define __NR_exit 1
#define __NR_write 4
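
The convention above (syscall number in r7, arguments in r0-r3) is also what an analyst reads back out of a captured ARM blob. The following is an added example, not code from the original page: a small Python tracer that recovers the syscalls from ARM-mode machine code. The instruction encodings, the function names and the hand-assembled sample bytes are supplied here as assumptions of the example; only the syscall numbers come from the grep output.

```python
import struct

# Syscall number -> (name, argument count); numbers as in the grep output above.
SYSCALLS = {1: ("exit", 1), 4: ("write", 3)}

def ror32(value, bits):
    """Rotate a 32-bit value right, as ARM does for mov/add immediates."""
    return ((value >> bits) | (value << (32 - bits))) & 0xFFFFFFFF

def trace_syscalls(code):
    """Linear sweep over ARM-mode (A32, little-endian) code.
    Tracks `mov rd, #imm` and `add rd, pc, #imm` (what `adr` assembles to);
    at every `svc` reports r7 as the syscall and r0.. as its arguments.
    Returns a list of (offset, name, [arg values, None if unknown]).
    """
    regs, calls = {}, []
    for off in range(0, len(code) - 3, 4):
        (word,) = struct.unpack_from("<I", code, off)
        if word >> 28 == 0xF:                      # unconditional encodings
            continue
        rd = (word >> 12) & 0xF
        imm = ror32(word & 0xFF, 2 * ((word >> 8) & 0xF))
        if (word & 0x0FE00000) == 0x03A00000:      # mov rd, #imm
            regs[rd] = imm
        elif (word & 0x0FEF0000) == 0x028F0000:    # add rd, pc, #imm
            regs[rd] = off + 8 + imm               # pc reads as instruction + 8
        elif (word & 0x0F000000) == 0x0F000000:    # svc
            name, argc = SYSCALLS.get(regs.get(7), ("unknown", 4))
            calls.append((off, name, [regs.get(i) for i in range(argc)]))
            regs.pop(0, None)                      # r0 now holds the result
    return calls

# Constructed sample: write(1, "hello\n", 6) then exit(0), hand-assembled.
SAMPLE = struct.pack(
    "<8I",
    0xE3A00001,  # mov r0, #1      fd = stdout
    0xE28F1014,  # adr r1, msg     (add r1, pc, #20)
    0xE3A02006,  # mov r2, #6      count
    0xE3A07004,  # mov r7, #4      __NR_write
    0xEF000000,  # svc #0
    0xE3A00000,  # mov r0, #0      exit status
    0xE3A07001,  # mov r7, #1      __NR_exit
    0xEF000000,  # svc #0
) + b"hello\n\x00\x00"

if __name__ == "__main__":
    for off, name, args in trace_syscalls(SAMPLE):
        print(f"{off:#04x}: {name}{tuple(args)}")
```

The sweep also decodes the trailing string bytes as instructions; in this sample they match none of the three patterns, but on arbitrary input embedded data can produce false hits.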