Friday, 24 January 2014

ARM Assembly Part 3 - "Hello world" in ARM assembly

Posted by srini0x00 on 02:00

Background

This article gives you a taste of writing your first program in ARM assembly. The series eventually takes you towards advanced ARM assembly concepts, writing shellcode and ARM exploitation. To follow this series, you need to have the lab setup which is explained here.

We are going to write a very simple program which prints the string "Hello World @androidpentesting.com\n". In order to simplify our task, we will take advantage of system calls to print the string on the output screen and exit the program.

What is a System Call?

Operating Systems contain routines to perform various low level operations. If we want to invoke these operating system routines from our program, we need to make system calls.

From Wikipedia, "A system call is how a program requests a service from an operating system's kernel. This may include hardware related services (e.g. accessing the hard disk), creating and executing new processes, and communicating with integral kernel services (like scheduling). System calls provide an essential interface between a process and the operating system."

How do I check the list of system calls?

Type the following command in a terminal.

cat /usr/include/asm/unistd.h

In this program, we will use write and exit syscalls as shown in figure 1.1 and figure 1.2. As we can clearly see in the figures, write has the system call number 4 and exit has the system call number 1.
Figure 1.1
Figure 1.2

We can check the man files to know the usage of these syscalls which looks as shown in figure 1.3 and figure 1.4.

Figure 1.3
Figure 1.4

Your First Program

Now open any editor of your choice and type in the following program, then save it as "filename.s". In my case, I am using the Vim editor. Every line in the program is self-explanatory, as I have explained each one in the comments.
Figure 1.5

Registers r0, r1 and r2 are used for data operations. When we work with syscalls, register r7 should be used to store the syscall number.

Note: In the next article, we will have a detailed explanation of ARM registers and how we use them.

SVC in the above program is an instruction that generates a supervisor call. Supervisor calls are normally used to request privileged operations or access to system resources from an operating system. In simple words, SVC is used to generate an interrupt (in our case, for write and exit).

Once we are done writing the program, we have to assemble and link it into the final executable.
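Because the listing in figure 1.5 is an image, here is an added example of such a program (not the author's original listing). It assumes GNU as syntax on 32-bit ARM Linux (EABI), uses the syscall numbers given above (write = 4, exit = 1), and the labels `message` and `len` are names chosen for this example. It also exits with status 1 if write reports an error.

```asm
@ filename.s - added example, GNU as syntax, 32-bit ARM Linux (EABI)

    .data
message:
    .ascii "Hello World @androidpentesting.com\n"
len = . - message           @ string length, computed by the assembler

    .text
    .global _start          @ entry point expected by ld
_start:
    @ write(1, message, len)
    mov r0, #1              @ r0 = file descriptor 1 (stdout)
    ldr r1, =message        @ r1 = address of the string
    ldr r2, =len            @ r2 = number of bytes to write
    mov r7, #4              @ r7 = syscall number of write
    svc #0                  @ supervisor call: the kernel runs write

    @ write returns the byte count in r0, or a negative value on error
    cmp r0, #0
    movlt r0, #1            @ exit status 1 if write failed
    movge r0, #0            @ exit status 0 otherwise

    @ exit(status)
    mov r7, #1              @ r7 = syscall number of exit
    svc #0                  @ supervisor call: the kernel runs exit
```

After running the binary, `echo $?` shows the exit status passed in r0.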

Assembling and Linking

Now, we need to assemble and link the program. "as" is the assembler and "ld" is the linker we use.
To assemble and link the program, type in the following commands as shown in figure 1.6.

Assembling: as -o filename.o filename.s
(filename.s is the input to the assembler, filename.o is the output)

Linking: ld -o filename filename.o
(filename.o is the input to the linker, filename is the final executable)

Executing: ./filename
(Executing the binary to see the output)

Figure 1.6
Please post your comments if you have any queries or suggestions.

 
