0

I dont know why but when I use the hex of below code as shell code it works:

Section .text global _start _start: mov ebx,0 mov eax,1 int 0x80

but when I use the hex of the below code instead, it does not work and segmentation fault occurres:

Section .text global _start _start: xor ebx,ebx mov al,1 int 0x80

I know that is because of using 'al'. I don`t know why does using of 'eax' works correctly but using 'al' get error?

Thanks a lot.

Ya Ali.

Improve this question

1 Answer 1

Reset to default
1

Because int 0x80 expects 32-bit param. When you pass low 8 bits only (AL), high parts of eax may contain anything (undefined value), so instead of passing 1 you end up passing 0x??????01

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Thanks. I reading 2 books that use 'al' without any error. How can use 'al' correctly?
xor eax, eax\mov al, 1, but why? What's wrong with eax?
In shellcode '\x00' must not be appeared. When we use 'eax' \x00 is appeared. with using of 'al', there is no \x00 anymore
Try zeroing $eax first using the same xor trick you use on $ebx. It's a month later than your question was asked, wheee!

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.