asm() using the incorrect assembler for amd64 architecture #2509

@CuB3y0nd

Description

Test Code

#!/usr/bin/python3

from pwn import asm, context

context(os="linux", arch="amd64", log_level="debug", terminal="kitty")

shellcode = asm(
    """
execve:
    lea rdi, [rip+shell]
    mov rsi, 0x0
    mov rdx, 0x0
    mov rax, SYS_execve
    syscall
shell:
    .string "/bin/sh"
    """
)

Debug Output

================================================================================
= Started at 2024-12-24T13:13:56                                               =
= sys.argv = [                                                                 =
=   './test.py',                                                               =
= ]                                                                            =
================================================================================
2024-12-24T13:13:56:DEBUG:pwnlib.asm:cpp -C -nostdinc -undef -P -I/usr/lib/python3.13/site-packages/pwnlib/data/includes /dev/stdin
2024-12-24T13:13:56:DEBUG:pwnlib.asm:Assembling
.section .shellcode,"awx"
.global _start
.global __start
_start:
__start:
.intel_syntax noprefix
.p2align 0
execve:
    lea rdi, [rip+shell]
    mov rsi, 0x0
    mov rdx, 0x0
    mov rax, 59
    syscall
shell:
    .string "/bin/sh"

2024-12-24T13:13:56:DEBUG:pwnlib.asm:/usr/bin/i386-elf-as -64 -o /tmp/pwn-asm-eenxda9n/step2 /tmp/pwn-asm-eenxda9n/step1
2024-12-24T13:13:56:ERROR:pwnlib.asm:There was an error running ['/usr/bin/i386-elf-as', '-64', '-o', '/tmp/pwn-asm-eenxda9n/step2', '/tmp/pwn-asm-eenxda9n/step1']:
It had the exitcode 1.
It had this on stdout:
Assembler messages:
Fatal error: no compiled in support for x86_64


2024-12-24T13:13:56:ERROR:pwnlib.asm:An error occurred while assembling:
   1: .section .shellcode,"awx"
   2: .global _start
   3: .global __start
   4: _start:
   5: __start:
   6: .intel_syntax noprefix
   7: .p2align 0
   8: execve:
   9:     lea rdi, [rip+shell]
  10:     mov rsi, 0x0
  11:     mov rdx, 0x0
  12:     mov rax, 59
  13:     syscall
  14: shell:
  15:     .string "/bin/sh"
Traceback (most recent call last):
  File "/usr/lib/python3.13/site-packages/pwnlib/asm.py", line 776, in asm
    _run(assembler + ['-o', step2, step1])
    ~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/pwnlib/asm.py", line 431, in _run
    log.error(msg, *args)
    ~~~~~~~~~^^^^^^^^^^^^
  File "/usr/lib/python3.13/site-packages/pwnlib/log.py", line 439, in error
    raise PwnlibException(message % args)
pwnlib.exception.PwnlibException: There was an error running ['/usr/bin/i386-elf-as', '-64', '-o', '/tmp/pwn-asm-eenxda9n/step2', '/tmp/pwn-asm-eenxda9n/step1']:
It had the exitcode 1.
It had this on stdout:
Assembler messages:
Fatal error: no compiled in support for x86_64

Environment

λ ~/ neofetch
                   -`                    cub3y0nd@Lux 
                  .o+`                   ------------ 
                 `ooo/                   OS: Arch Linux x86_64 
                `+oooo:                  Host: ASUS TUF Gaming A15 FA506IV_FA506IV 1.0 
               `+oooooo:                 Kernel: 6.12.6-zen1-1-zen 
               -+oooooo+:                Uptime: 2 hours, 43 mins 
             `/:-:++oooo+:               Packages: 1354 (pacman), 10 (flatpak) 
            `/++++/+++++++:              Shell: zsh 5.9 
           `/++++++++++++++:             Resolution: 1920x1080 
          `/+++ooooooooooooo/`           WM: bspwm 
         ./ooosssso++osssssso+`          Theme: TokyoNight-zk [GTK2/3] 
        .oossssso-````/ossssss+`         Icons: TokyoNight-SE [GTK2/3] 
       -osssssso.      :ssssssso.        Terminal: kitty 
      :osssssss/        osssso+++.       CPU: AMD Ryzen 7 4800H with Radeon Graphics (16) @ 2.900GHz 
     /ossssssss/        +ssssooo/-       GPU: NVIDIA GeForce RTX 2060 Mobile 
   `/ossssso+/:-        -:/+osssso+-     GPU: AMD ATI Radeon Vega Series / Radeon Vega Mobile Series 
  `+sso+:-`                 `.-/+oso:    Memory: 7467MiB / 15401MiB 
 `++:.                           `-/+/
 .`                                 `/                           
                                                                 


λ ~/ as --version
GNU assembler (GNU Binutils) 2.43.0
Copyright (C) 2024 Free Software Foundation, Inc.
This program is free software; you may redistribute it under the terms of
the GNU General Public License version 3 or later.
This program has absolutely no warranty.
This assembler was configured for a target of `x86_64-pc-linux-gnu'.
λ ~/ i386-elf-as --version
GNU assembler (GNU Binutils) 2.42
Copyright (C) 2024 Free Software Foundation, Inc.
This program is free software; you may redistribute it under the terms of
the GNU General Public License version 3 or later.
This program has absolutely no warranty.
This assembler was configured for a target of `i386-elf'.
λ ~/ i386-elf-as --help | grep 64
  --32/--64/--x32         generate 32bit/64bit/x32 object
                           default, push, pop, generic32, generic64, i386, i486,
                           movdiri, movdir64b, avx512_bf16, avx512_vp2intersect,
                           generic32, generic64, i8086, i186, i286, i386, i486,
  -mamd64                 accept only AMD64 ISA [default]
  -mintel64               accept only Intel64 ISA
λ ~/ i386-elf-as -64             
Assembler messages:
Fatal error: no compiled in support for x86_64
λ ~/ python                        
Python 3.13.1 (main, Dec  4 2024, 18:05:56) [GCC 14.2.1 20240910] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import pwn
>>> pwn.version
'4.13.1'
>>>
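
The two manual checks from the Environment section (`--version` and a trial run with `-64`), scripted as a triage helper. This is an added example, not part of the original report or of pwntools; the function names are hypothetical and the sample strings are copied from the output above.

```python
import shutil
import subprocess
import tempfile

# Strings copied from the terminal output in the report above.
SAMPLE_NATIVE = "This assembler was configured for a target of `x86_64-pc-linux-gnu'."
SAMPLE_CROSS = "This assembler was configured for a target of `i386-elf'."
SAMPLE_FATAL = "Assembler messages:\nFatal error: no compiled in support for x86_64\n"


def parse_target(version_text):
    """Return the target triplet named in `as --version` output, or None."""
    marker = "configured for a target of `"
    start = version_text.find(marker)
    if start < 0:
        return None
    start += len(marker)
    end = version_text.find("'", start)
    return version_text[start:end] if end > start else None


def lacks_x86_64(messages):
    """True when gas reports it was built without 64-bit x86 support."""
    return "no compiled in support for x86_64" in messages


def probe(name):
    """Repeat the reporter's two manual checks for one assembler on PATH."""
    path = shutil.which(name)
    if path is None:
        return None
    version = subprocess.run([path, "--version"], capture_output=True, text=True)
    with tempfile.TemporaryDirectory() as tmp:
        # Assemble empty stdin with -64; the object goes to a scratch directory.
        trial = subprocess.run([path, "-64", "-o", f"{tmp}/probe.o"],
                               input="", capture_output=True, text=True)
    messages = trial.stdout + trial.stderr
    return {
        "path": path,
        "target": parse_target(version.stdout),
        "accepts_64": trial.returncode == 0 and not lacks_x86_64(messages),
    }


if __name__ == "__main__":
    # The two assembler names that appear in the report.
    for name in ("as", "i386-elf-as"):
        print(name, probe(name))
```

An assembler whose `accepts_64` is false cannot assemble `arch="amd64"` code, whatever its `--help` text lists.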
