@djg
Created November 24, 2013 23:31
crap1.crap - crap0.asm written in crap
#
# CRAP1 for Darwin-i386-MachO
# Copyright (C) 2013, Dan Glastonbury <[email protected]>
#
# Based on:
# HEX1 for Linux-i386-ELF
# Copyright (C) 2001, Edmund GRIMLEY EVANS <[email protected]>
#
# _mach_header: # struct mach_header (28 bytes, file offset 0)
# The image consists of this header, two load commands (LC_SEGMENT for __TEXT
# and LC_UNIXTHREAD) and 0x7A bytes of code. Nothing else is declared: there
# is no __PAGEZERO segment and no code-signature load command.
ce fa ed fe # magic = 0xfeedface (MH_MAGIC, stored little-endian)
07 00 00 00 # cputype (CPU_TYPE_X86)
03 00 00 00 # cpusubtype (CPU_SUBTYPE_I386_ALL)
02 00 00 00 # filetype (MH_EXECUTE)
02 00 00 00 # ncmds = 2
cc 00 00 00 # sizeofcmds = 204 (124 + 80)
00 00 00 00 # flags
# +28
# Text Segment # struct segment_command (56 bytes) followed by one struct section (68 bytes)
01 00 00 00 # cmd (LC_SEGMENT)
7c 00 00 00 # cmdsize = 124
5f 5f 54 45 58 54 00 00 00 00 00 00 00 00 00 00 # segname[16] = '__TEXT'
00 10 00 00 # vmaddr = 0x1000
00 10 00 00 # vmsize = 0x1000
00 00 00 00 # fileoff = 0, so the headers are mapped together with the code
62 01 00 00 # filesize = 354 (0x162 = 0xE8 bytes of headers + 0x7A bytes of code)
07 00 00 00 # maxprot = 7 (read|write|execute)
05 00 00 00 # initprot = 5 (read|execute)
# NOTE(review): maxprot is wider than initprot, so the protection of this
# mapping may later be raised to writable+executable. A hardened image would
# keep maxprot equal to initprot.
01 00 00 00 # nsects
00 00 00 00 # flags
# +56
# Text section # struct section
5f 5f 74 65 78 74 00 00 00 00 00 00 00 00 00 00 # sectname[16] = '__text'
5f 5f 54 45 58 54 00 00 00 00 00 00 00 00 00 00 # segname[16] = '__TEXT'
e8 10 00 00 # addr = 0x10E8 (vmaddr 0x1000 + file offset 0xE8)
7a 00 00 00 # size = 0x7A (122 bytes, _syscall through the end of _start)
e8 00 00 00 # offset = 0xE8 (= 28 + 204, first byte after the load commands)
02 00 00 00 # align (Mach-O stores a power-of-two exponent: 2^2 = 4 bytes)
00 00 00 00 # reloff
00 00 00 00 # nreloc
00 00 00 00 # flags
00 00 00 00 # reserved1
00 00 00 00 # reserved2
# +68
# Thread command # struct thread_command
05 00 00 00 # cmd (LC_UNIXTHREAD)
50 00 00 00 # cmdsize = 80 (16 bytes of header + 16 dwords of state)
01 00 00 00 # flavor = i386_THREAD_STATE
10 00 00 00 # count = 16 (dwords of register state that follow)
# state: dd 0, 0, 0, 0, 0, 0, 0, 0
# dd 0, 0, _start, 0, 0, 0, 0, 0
# Register order: eax, ebx, ecx, edx, edi, esi, ebp, esp, ss, eflags, eip, cs, ds, es, fs, gs.
# Only eip (the eleventh dword) is set: 0x1149 = vmaddr 0x1000 + file offset 0x149 of _start.
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 # 0, 0, 0, 0
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 # 0, 0, 0, 0
00 00 00 00 00 00 00 00 49 11 00 00 00 00 00 00 # 0, 0, _start, 0
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 # 0, 0, 0, 0
# +80 =204
# Code starts here:
# = 0xe8 (file offset; mapped at 0x10e8)
# Execution does not begin at this offset: the thread state sets eip to _start.
# _syscall: # trap into the kernel
# In: eax = syscall number; the caller has pushed the arguments, last one first.
# Always reached through `call`, so at int 80h the stack holds the return
# address followed by the arguments.
# Out: eax as left by the kernel.
cd 80 # int 80h
c3 # ret
# _exit: # terminate the process with status 0
31 c0 # xor eax, eax
50 # push eax ; exit status = 0
b0 01 # mov al, sys_exit ; eax = 1
e8 f3 ff ff ff # call _syscall
# No ret follows the call: if it ever returned, execution would fall through into _getchar.
# _getchar: # read a byte from stdin
# Out: eax = the byte read, zero-extended (the buffer dword is zeroed first).
# When read returns 0 (end of input) control goes to _exit and never comes back.
# NOTE(review): eax == 0 is the only result tested. If the kernel reports a
# failed read some other way (Darwin's int 80h is believed to set the carry
# flag and leave errno in eax; confirm), the failure is treated as a
# successful read and the zeroed buffer is returned as data.
31 c0 # xor eax, eax
50 # push eax ; zeroed dword on the stack = read buffer
89 e1 # mov ecx, esp ; ecx = &buffer
6a 01 # push 1 ; read 1 byte
51 # push ecx ; into [ecx]
6a 00 # push 0 ; from stdin
b0 03 # mov al, sys_read ; eax = 3 (upper bytes are still zero)
e8 e2 ff ff ff # call _syscall
85 c0 # test eax, eax
74 e1 # je _exit ; 0 bytes read: end of input (stack is not cleaned up on this path)
83 c4 0c # add esp, 12 ; drop the three arguments
58 # pop eax ; result in eax
c3 # ret
# _putchar: # write a byte to stdout
# In: the dword the caller left at [esp+4] on entry; its first (low) byte is written.
# The result of write is discarded, so a short or failed write goes unnoticed.
8d 4c 24 04 # lea ecx, [esp+4] ; ecx = address of the caller's argument
31 c0 # xor eax, eax
6a 01 # push 1 ; write 1 byte
51 # push ecx ; from [ecx]
6a 01 # push 1 ; to stdout
b0 04 # mov al, sys_write ; eax = 4
e8 c7 ff ff ff # call _syscall
83 c4 0c # add esp, 12 ; drop the three arguments
c3 # ret
# _gethex: # return the value of the next hex digit read from stdin
# Skips '#' comments through the end of the line, and every character below '0'
# (spaces, newlines, ...).
# Out: eax = c - '0' when that is below 48, otherwise c - '0' - 39
# ('0'..'9' give 0..9, 'a'..'f' give 10..15).
# NOTE(review): the result is never range-checked. Characters ':' through '_'
# return 10..47 unchanged (upper-case 'A' gives 17, not 10), and characters
# above 'f' return values over 15. Malformed input therefore becomes output
# bytes without any diagnostic.
e8 cb ff ff ff # call _getchar
83 f8 23 # cmp eax, '#'
75 0c # jne .l1
# .loop: # inside a comment: discard input up to and including the newline
e8 c1 ff ff ff # call _getchar
83 f8 0a # cmp eax, '\n'
75 f6 # jne .loop
eb ea # jmp _gethex ; comment consumed, start over
# .l1:
83 e8 30 # sub eax, '0'
7c e5 # jl _gethex ; below '0': not a digit, skip it
83 f8 30 # cmp eax, '0' ; 48 used as a threshold here, not as a character
7c 03 # jl .ret ; 0..47: return as is
83 e8 27 # sub eax, 39 ; 39 = 'a' - '0' - 10, so 'a' -> 10
# .ret:
c3 # ret
# _start: # main loop: two hex digits in, one byte out
# The loop has no exit of its own; the program ends when _getchar reaches end of
# input and jumps to _exit. If input ends after the first digit of a pair, that
# digit is dropped without being written.
e8 d7 ff ff ff # call _gethex
c1 e0 04 # sal eax, 4 ; first digit becomes the high nibble
50 # push eax ; kept on the stack; this slot is also _putchar's argument
e8 ce ff ff ff # call _gethex
01 04 24 # add [esp], eax ; byte = high * 16 + low
e8 b0 ff ff ff # call _putchar
58 # pop eax ; drop the argument
eb e7 # jmp _start