Last active
January 4, 2024 13:53
-
-
Save xenomuta/4450368 to your computer and use it in GitHub Desktop.
httpd.asm: Arguably the world smallest web server. ( for GNU/Linux i386. Compile with nasm )
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| section .text | |
| global _start | |
| _start: | |
| xor eax, eax | |
| xor ebx, ebx | |
| xor esi, esi | |
| jmp _socket | |
| _socket_call: | |
| mov al, 0x66 | |
| inc byte bl | |
| mov ecx, esp | |
| int 0x80 | |
| jmp esi | |
| _socket: | |
| push byte 6 | |
| push byte 1 | |
| push byte 2 | |
| mov esi, _bind | |
| jmp _socket_call | |
| _bind: | |
| mov edi, eax | |
| xor edx, edx | |
| push dword edx | |
| push word 0x6022 | |
| push word bx | |
| mov ecx, esp | |
| push byte 0x10 | |
| push ecx | |
| push edi | |
| mov esi, _listen | |
| jmp _socket_call | |
| _listen: | |
| inc bl | |
| push byte 0x01 | |
| push edi | |
| mov esi, _accept | |
| jmp _socket_call | |
| _accept: | |
| push edx | |
| push edx | |
| push edi | |
| mov esi, _fork | |
| jmp _socket_call | |
| _fork: | |
| mov esi, eax | |
| mov al, 0x02 | |
| int 0x80 | |
| test eax, eax | |
| jz _write | |
| xor eax, eax | |
| xor ebx, ebx | |
| mov bl, 0x02 | |
| jmp _listen | |
| _write: | |
| mov ebx, esi | |
| push edx | |
| push dword 0x0a0d3e31 | |
| push dword 0x682f3c21 | |
| push dword 0x64334e77 | |
| push dword 0x503e3168 | |
| push dword 0x3c0a0d0a | |
| push dword 0x0d6c6d74 | |
| push dword 0x682f7478 | |
| push dword 0x6574203a | |
| push dword 0x65707954 | |
| push dword 0x2d746e65 | |
| push dword 0x746e6f43 | |
| push dword 0x0a4b4f20 | |
| push dword 0x30303220 | |
| push dword 0x302e312f | |
| push dword 0x50545448 | |
| mov al, 0x04 | |
| mov ecx, esp | |
| mov dl, 64 | |
| int 0x80 | |
| _close: | |
| mov al, 6 | |
| mov ebx, esi | |
| int 0x80 | |
| mov al, 6 | |
| mov ebx, edi | |
| int 0x80 | |
| _exit: | |
| mov eax, 0x01 | |
| xor ebx, ebx | |
| int 0x80 |
Also, the purpose of the original httpd.asm was to avoid null bytes.
nash-f's server code is full of 00s, which then trims strings and kills exploitability of some vulnerable string functions.
@xenomuta My apologies. I'm still somewhat new to all of this. I've edited my comment.
Also, thank you for the clarifications, very educational!
@xenomuta My apologies. I'm still somewhat new to all of this. I've edited my comment.
Also, thank you for the clarifications, very educational!
Oh that's ok, no need to apologize. You're welcome.
Keep the good stuff going.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
No it's not: