Commit start of new GNU-AS based ASM stubs to prepare for AARCH64 sup…

…port
realoriginal · Mar 18, 2024 · 6001541 · 6001541
1 parent dd88635
commit 6001541
Show file tree

Hide file tree

Showing 10 changed files with 127 additions and 204 deletions.
diff --git a/Makefile b/Makefile
@@ -22,12 +22,8 @@ REPLACE_OBF_STRA_MAKE := 's/OBF_STRA_MAKE(\([^)]*\))/\$(REPLACE_FIX){ obf_stra_m
 REPLACE_OBF_STRW_MAKE := 's/OBF_STRW_MAKE(\([^)]*\))/\$(REPLACE_FIX){ obf_strw_make( \1 ) }/g'
 
 all: $(SOURCE)
-	@ nasm -f win64 asm/x64/GetIp.asm -o bin/GetIp.x64.o
-	@ nasm -f win64 asm/x64/Start.asm -o bin/Start.x64.o
-	@ nasm -f win32 asm/x86/GetIp.asm -o bin/GetIp.x86.o
-	@ nasm -f win32 asm/x86/Start.asm -o bin/Start.x86.o
-	@ $(CC_X64) bin/Start.x64.o bin/GetIp.x64.o bin/*.c crt/*.c -I. $(CFLAGS) $(LFLAGS) -o bin/$(OUTX64)
-	@ $(CC_X86) bin/Start.x86.o bin/GetIp.x86.o bin/*.c crt/*.c -I. $(CFLAGS) $(LFLAGS) -o bin/$(OUTX86)
+	@ $(CC_X64) asm/x64/Start.s bin/*.c crt/*.c asm/x64/GetIp.s -I. $(CFLAGS) $(LFLAGS) -o bin/$(OUTX64)
+	@ $(CC_X86) asm/x86/Start.s bin/*.c crt/*.c asm/x86/GetIp.s -I. $(CFLAGS) $(LFLAGS) -o bin/$(OUTX86)
 	@ python3 scripts/extract.py -f bin/$(OUTX64) -o $(SHLX64)
 	@ python3 scripts/extract.py -f bin/$(OUTX86) -o $(SHLX86)
 

diff --git a/Pipe.c b/Pipe.c
diff --git a/asm/x64/GetIp.asm b/asm/x64/GetIp.asm
diff --git a/asm/x64/GetIp.s b/asm/x64/GetIp.s
@@ -0,0 +1,31 @@
+//
+// GRIMREAPER
+//
+// Austin Hudson
+//
+// suspicious.actor
+//
+
+// Section for our code
+.section .text$C, "xr"
+
+// Exported symbol name
+.globl GetIp
+
+GetIp:
+	// execute the next instruction
+	call	_next_instruction
+
+	_next_instruction:
+	// pop the return address off the stack
+	popq	%rax
+
+	// subtract the difference between the two labels
+	subq	$(_next_instruction - GetIp), %rax
+
+	// return the pointer
+	ret
+
+Leave:
+	// Marker
+	.string "ENDOFCODE"
diff --git a/asm/x64/Start.asm b/asm/x64/Start.asm
diff --git a/asm/x64/Start.s b/asm/x64/Start.s
@@ -0,0 +1,33 @@
+//
+// GRIMREAPER
+//
+// Austin Hudson
+//
+// suspicious.actor
+//
+
+// Section for our code
+.section .text$A, "xr"
+
+// Exported symbol name
+.globl Start
+
+// Imported symbol name
+.extern Entry
+
+Start:
+	// Setup the stack
+	pushq	%rsi
+	movq	%rsp, %rsi
+	andq	$-16, %rsp
+
+	// Execute the entrypoint
+	subq	$32, %rsp
+	call	Entry
+
+	// Cleanup the stack
+	movq	%rsi, %rsp
+	popq	%rsi
+
+	// Return
+	ret
diff --git a/asm/x86/GetIp.asm b/asm/x86/GetIp.asm
diff --git a/asm/x86/GetIp.s b/asm/x86/GetIp.s
@@ -0,0 +1,30 @@
+//
+// GRIMREAPER
+//
+// Austin Hudson
+//
+// suspicious.actor
+//
+
+// Section for our code
+.section .text$C, "xr"
+
+// Exported symbol name
+.globl _GetIp
+
+_GetIp:
+	// execute the next instruction
+	call	__next_instruction
+
+	__next_instruction:
+	// pop the return address off the stack
+	popl	%eax
+
+	// subtract the difference between the two labels
+	subl	$(__next_instruction - _GetIp), %eax
+
+	// return the pointer
+	ret
+
+_Leave:
+	.string "ENDOFCODE"
diff --git a/asm/x86/Start.asm b/asm/x86/Start.asm
diff --git a/asm/x86/Start.s b/asm/x86/Start.s
@@ -0,0 +1,31 @@
+//
+// GRIMREAPER
+//
+// Austin Hudson
+//
+// suspicious.actor
+//
+
+// Section for our code
+.section .text$A, "xr"
+
+// Exported symbol name
+.globl _Start
+
+// Imported symbol name
+.extern _Entry@0
+
+_Start:
+	// Setup the stack
+	pushl	%ebp
+	movl	%esp, %ebp
+
+	// Execute the entrypoint
+	call	_Entry@0
+
+	// Cleanup the stack
+	movl	%ebp, %esp
+	popl	%ebp
+
+	// Return
+	ret