I'm trying to get around some input character restrictions by encrypting some data. However, when I try and XOR rbx back to my desired value I get an error stating operand mismatch. Am I missing something here?

    xor esi, esi
    movabs rbx, 0x4a510d0d4c4b400d
    xor rbx, 0x2222222222222222
  • Use movl to move a 32-bit immediate to a 64-bit register, use movq instead to sign-extend and movabsq for full 64-bit immediates.
    – Sebastian
    Jun 15 at 1:19
  • @Sebastian: Or XOR with something that can fit in a sign-extended 32-bit immediate, like 0xffffffffa2222222. The choice appears arbitrary here, since this is just obscuring constants and avoiding 00 bytes in shellcode. In this case the constant is 0x68732f2f6e69622f, which looks like an ASCII string. So in NASM you could write mov rbx, `hello w\n` ^ 0xffffffffa2222222 / xor rbx, 0xffffffffa2222222. It's annoying when people obscure their ASCII in shellcode source by manually encoding it in hex. Just use an assembler that doesn't suck to make your machine code.
    Jun 15 at 1:25
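
An added example, not part of the question or the comments: a small analysis helper that checks whether a 64-bit value can be the sign-extended 32-bit immediate the comments refer to (which is why the assembler rejects the XOR in the question) and recovers the constant a mov/xor pair hides. The function names are hypothetical; the numeric values are the ones quoted on this page.

```python
import struct

MASK64 = (1 << 64) - 1


def fits_sign_extended_imm32(value: int) -> bool:
    """True if value equals its low 32 bits sign-extended to 64 bits,
    i.e. it can be the immediate of a 64-bit `xor r64, imm32`."""
    value &= MASK64
    low32 = value & 0xFFFFFFFF
    if low32 & 0x80000000:          # bit 31 set: upper half must be all ones
        low32 |= 0xFFFFFFFF00000000
    return low32 == value


def recover_constant(mov_imm: int, xor_imm: int) -> bytes:
    """Undo a mov/xor pair and return the register's bytes in memory order
    (x86-64 is little-endian, so the low byte comes first)."""
    return struct.pack("<Q", (mov_imm ^ xor_imm) & MASK64)


def as_text(raw: bytes) -> str:
    """Render printable ASCII as-is and every other byte as '.'."""
    return "".join(chr(b) if 0x20 <= b < 0x7F else "." for b in raw)


def analyse(mov_imm: int, xor_imm: int) -> dict:
    """Summarise one mov/xor pair read from a disassembly listing."""
    raw = recover_constant(mov_imm, xor_imm)
    return {
        "xor_encodable": fits_sign_extended_imm32(xor_imm),
        "value": int.from_bytes(raw, "little"),
        "text": as_text(raw),
    }


if __name__ == "__main__":
    # Pair from the question: the XOR immediate needs all 64 bits,
    # so no `xor rbx, imm` encoding exists for it.
    print(analyse(0x4A510D0D4C4B400D, 0x2222222222222222))
    # Mask suggested in the comment: fits a sign-extended imm32.
    print(fits_sign_extended_imm32(0xFFFFFFFFA2222222))
```
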
