how do I dump the shellcode from an aarch64 binary with objcopy?

Time:11-24

I have a simple assembly code (aarch64) as follows,

 mov x1, #1
 mov x1, #2

and I want to convert it to shellcode.

What I did:

#> as simple.s -o simple.o
#> objcopy -O binary simple.o simple.bin

After that, I checked the content with xxd:

#> xxd simple.bin

However, the values 1 and 2 do not seem to appear in the resulting binary.

0000000: 2100 80d2 4100 80d2                      !...A...

Did I use objcopy wrongly?

CodePudding user response:

ARM instructions are 32-bit little-endian words, so they will be easier to read if you dump them in this format. Use xxd -e simple.bin, which outputs:

00000000: d2800021 d2800041                    !...A...

This is the correct encoding for the movz instruction, see the ARMv8 Architecture Reference Manual. The 16-bit immediate is encoded in bits 5-20, which is why the numbers 1 and 2 are not immediately obvious in the hexadecimal representation, but they are there. (Bits 0-4 encode the destination register.) They would be easier to see in binary, but xxd doesn't seem to have a 32-bit little-endian binary mode.

So your output file is perfectly correct.
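To make the bit layout described in the answer concrete, here is a small added example (not part of the original post): it reads the raw objcopy output as little-endian 32-bit words and pulls the fields of the "move wide immediate" class (MOVN/MOVZ/MOVK) apart, so the 1 and 2 show up in bits 5-20 and the x1 in bits 0-4. The input bytes are constructed to match the question's xxd dump; the encoder is included only to show the round trip and is an assumption of this example, not something objcopy or xxd provides.

```python
import struct

# Constructed sample input: the bytes from the question's xxd dump
# (mov x1, #1 ; mov x1, #2), exactly as objcopy -O binary wrote them.
SHELLCODE = bytes.fromhex("210080d2410080d2")

# Field layout of the move-wide-immediate class (ARMv8 ARM, MOVZ/MOVN/MOVK):
#   bit 31      sf   (0 = W register, 1 = X register)
#   bits 30-29  opc  (00 = MOVN, 10 = MOVZ, 11 = MOVK)
#   bits 28-23  100101 (fixed)
#   bits 22-21  hw   (shift = hw * 16)
#   bits 20-5   imm16
#   bits 4-0    Rd
MOVE_WIDE_FIXED = 0b100101
OPC_NAMES = {0b00: "movn", 0b10: "movz", 0b11: "movk"}


def words_le(blob: bytes):
    """Split a raw AArch64 blob into 32-bit little-endian instruction words."""
    if len(blob) % 4:
        raise ValueError("AArch64 code must be a multiple of 4 bytes")
    return [w for (w,) in struct.iter_unpack("<I", blob)]


def decode_mov_wide(word: int):
    """Return the decoded fields of a MOVN/MOVZ/MOVK word, or None otherwise."""
    if (word >> 23) & 0x3F != MOVE_WIDE_FIXED:
        return None
    sf = (word >> 31) & 1
    opc = (word >> 29) & 0b11
    hw = (word >> 21) & 0b11
    imm16 = (word >> 5) & 0xFFFF
    rd = word & 0x1F
    mnemonic = OPC_NAMES.get(opc)
    if mnemonic is None:
        return None          # opc 01 is unallocated
    if sf == 0 and hw > 1:
        return None          # hw 2/3 only exist for the 64-bit forms
    reg = f"{'x' if sf else 'w'}{rd}"
    return {"mnemonic": mnemonic, "rd": reg, "imm16": imm16, "shift": hw * 16}


def encode_mov_wide(mnemonic: str, rd: int, imm16: int, shift: int = 0, sf: int = 1):
    """Inverse of decode_mov_wide (hypothetical helper for this example)."""
    opc = {v: k for k, v in OPC_NAMES.items()}[mnemonic]
    if shift % 16 or not 0 <= shift // 16 <= (3 if sf else 1):
        raise ValueError("shift must be 0/16 (W) or 0/16/32/48 (X)")
    if not 0 <= imm16 <= 0xFFFF or not 0 <= rd <= 31:
        raise ValueError("imm16 or Rd out of range")
    return ((sf << 31) | (opc << 29) | (MOVE_WIDE_FIXED << 23)
            | ((shift // 16) << 21) | (imm16 << 5) | rd)


def format_insn(d):
    s = f"{d['mnemonic']} {d['rd']}, #{d['imm16']:#x}"
    if d["shift"]:
        s += f", lsl #{d['shift']}"
    return s


def disassemble_movs(blob: bytes):
    """Yield (offset, word, text) for each word; non-MOV words become .word."""
    out = []
    for off, w in enumerate(words_le(blob)):
        d = decode_mov_wide(w)
        text = format_insn(d) if d else f".word {w:#010x}"
        out.append((off * 4, w, text))
    return out


if __name__ == "__main__":
    for off, w, text in disassemble_movs(SHELLCODE):
        # Printing the word in binary makes the imm16 field (bits 20-5) visible.
        print(f"{off:04x}: {w:08x}  {w:032b}  {text}")
```

Running it prints the two words as d2800021 and d2800041 with their binary form, decoded as movz x1, #0x1 and movz x1, #0x2; the fixed 100101 pattern in bits 28-23 is what distinguishes this class from, for example, a brk or a load/store word.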
