Skip to content

Instantly share code, notes, and snippets.

@q3k

q3k/cursed.c

Last active April 3, 2024 09:19
Show Gist options
  • Star 6 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save q3k/e5952111283ea59ee78a7699919a055b to your computer and use it in GitHub Desktop.
Save q3k/e5952111283ea59ee78a7699919a055b to your computer and use it in GitHub Desktop.
Download ZIP
Linux syscalls in .exe executed under Wine
Raw
cursed.c
#include <stdio.h>
#include <string.h>
const char *buf = "hello from linux\n";
char * const argv[] = {
"/bin/sh",
"-c",
"echo 'hello from execve'",
NULL,
};
int main() {
printf("hello from win32\n");
size_t ret;
size_t size = strlen(buf);
asm volatile
(
"syscall"
: "=a" (ret)
: "0"(1), "D"(1), "S"(buf), "d"(size)
: "rcx", "r11", "memory"
);
asm volatile
(
"syscall"
: "=a" (ret)
: "0"(59), "D"(argv[0]), "S"(argv), "d"(0)
: "rcx", "r11", "memory"
);
return 0;
}
@q3k
Copy link
Author

q3k commented Feb 1, 2022

cursed.exe (built in msys2): https://object.ceph-eu.hswaw.net/q3k-personal/b8159d43e0698d...

$ wine cursed.exe
hello from win32
hello from linux
hello from execve

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment