如何在NASM中推入64位int? [英] How to push a 64bit int in NASM?

问题描述

我正在尝试推送64位整数，但是在组装NASM时似乎希望将其视为DWORD而不是QWORD.

I'm trying to push a 64bit integer but when assembling NASM seems to want to see it as a DWORD not a QWORD.

我正在使用ASM创建shellcode，我需要将64位DLL注入64位进程中.第一个QWORD是旧的指令指针，第二个是包含DLL地址的地址，第三个是LoadLibrary的地址.占位符在运行时填充.

I'm using ASM to create the shellcode I need to inject a 64bit DLL into a 64bit process. The first QWORD is the old instruction pointer, the second is the address containing the address of the DLL, the third is the address of LoadLibrary. The placeholders are filled in at runtime.

section .text
global _start   

_start:
BITS 64
PUSH QWORD 0xACEACEACACEACEAC
PUSHFQ
push rax
PUSH QWORD 0xACEACEACACEACEAC
MOV RAX, 0xACEACEACACEACEAC
CALL RAX
pop RAX
POPFQ
RETN

推荐答案

没有push imm64指令.作为解决方法，您可以执行以下任一操作:

There is no push imm64 instruction. As a workaround you can do one of the following:

1. 通过寄存器:mov rax, 0xACEACEACACEACEAC; push rax
2. 浏览内存:push qword [rel foo]
3. 将其分为两部分:push dword low32; mov dword [rsp+4], high32或sub rsp,8; mov dword [rsp], low32; mov dword [rsp+4], high32
4. 在您的即时允许的情况下使用符号扩展名

1. go through a register: mov rax, 0xACEACEACACEACEAC; push rax
2. go through memory: push qword [rel foo]
3. write it in two parts: push dword low32; mov dword [rsp+4], high32 or sub rsp,8; mov dword [rsp], low32; mov dword [rsp+4], high32
4. use sign-extension if your immediate allows it

这篇关于如何在NASM中推入64位int?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！