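#
# CNS/Minithins OFFICIAL IRC BOT
#
#   as -o bot.o bot.S defines.h && ld -o bot bot.o
#   ./bot
#
# This bot just connects to an ircd and answers the ircd's PING.
#
# Syntax: GAS, AT&T operand order.
# Target: i386 Linux, raw system calls through int $0x80
#         (%eax = syscall number, args in %ebx, %ecx, %edx; result in %eax,
#         negative result = -errno). On an x86-64 toolchain this needs
#         `as --32` and `ld -m elf_i386`.
#
# Review notes on this version:
#   - The main loop ends with `jmp boucle`. The original used `call boucle`,
#     which pushed a return address on every iteration and grew the stack
#     until the process faulted.
#   - read(2) results are checked: 0 (peer closed) or a negative value
#     (-errno) leaves the loop through `exit` instead of spinning.
#   - socket() and connect() failures are checked before the descriptor is used.
#   - The PONG reply is sent from the start of the buffer ("PONG :..."); the
#     original wrote from buffer+1 with a fixed length of 20 bytes. The reply
#     length is now bounded by the number of bytes read(2) returned.
#   - _start reserves a real stack frame, and `wait` no longer overwrites
#     %ebp, so pushes and calls cannot overwrite the syscall argument blocks.
#
# Everything received from the socket is untrusted: it is only ever copied
# into `emptybuffer` with a length bounded by the buffer size, compared
# against a fixed prefix, and echoed back with a bounded length.
# The link is plain-text TCP to a hard-coded address; there is no TLS and no
# authentication of the server.
#

SYS_exit                = 1
SYS_read                = 3
SYS_write               = 4
SYS_socketcall          = 102
SYS_nanosleep           = 162

SYS_socketcall_socket   = 1
SYS_socketcall_connect  = 3

AF_INET                 = 2
SOCK_STREAM             = 1
IPPROTO_TCP             = 6

STDOUT                  = 1

# Server endpoint, already in network byte order as stored by a little-endian
# movw/movl: bytes 1a 0b = port 6667, bytes c3 9a cb f1 = 195.154.203.241.
IRCD_PORT_NBO           = 0x0b1a
IRCD_ADDR_NBO           = 0xf1cb9ac3
SOCKADDR_IN_SIZE        = 16

# Receive buffer geometry. The loop reads at most BUFFER_MAX_READ bytes so the
# last byte of the (cleared) buffer always stays NUL.
BUFFER_SIZE             = 256
BUFFER_MAX_READ         = 255

# Stack frame of _start, offsets from %ebp.
FRAME_SIZE              = 32
SADDR_FAMILY            = -32           # struct sockaddr_in, 16 bytes
SADDR_PORT              = -30
SADDR_ADDR              = -28
SADDR_ZERO              = -24           # 8 bytes of padding
ARG0                    = -12           # socketcall argument block, 3 longs
ARG1                    = -8
ARG2                    = -4
TIMESPEC                = -8            # reuses ARG1/ARG2 on the exit path

ASCII_LF                = 0x0A
ASCII_O                 = 0x4F

.data

# Not referenced by the code below.
nodata:         .string "There is no data\n"
len_nodata      = . - nodata

userauth:       .string "USER Casmbot 0 0 :CNS/Minithins ASM BOT\n"
len_userauth    = . - userauth

nickchange:     .string "NICK Casmbot\n"
len_nickchange  = . - nickchange

# Receive buffer. The original reserved it with a literal run of 'F' bytes;
# it is sized explicitly here so that every read and clear below is provably
# inside it. The initial contents are never inspected.
emptybuffer:    .space BUFFER_SIZE
len_emptybuffer = . - emptybuffer

cmd_ping:       .string "PING :"
len_cmd_ping    = . - cmd_ping
PING_PREFIX_LEN = len_cmd_ping - 1      # without the trailing NUL

.text

.global _start

#-----------------------------------------------------------------------
# _start - process entry point.
# Register roles after the connection is up:
#   %ebx = socket descriptor (int $0x80 preserves it, and it is already the
#          first argument of read/write)
#   %ebp = frame base for the argument blocks described above
#-----------------------------------------------------------------------
_start:
        movl    %esp, %ebp
        subl    $FRAME_SIZE, %esp       # keep locals above %esp

ircd_connection:
        # Socket syscalls make use of only one syscall number:
        # SYS_socketcall, which goes in %eax.
        # The socket functions are identified via subfunction numbers located
        # in /usr/include/linux/net.h and are stored in %ebx.
        # A pointer to the syscall args is stored in %ecx.
        # Socket syscalls are also executed with int $0x80.

        # socket ()
        # int socket(int domain, int type, int protocol);
        movl    $AF_INET, ARG0(%ebp)
        movl    $SOCK_STREAM, ARG1(%ebp)
        movl    $IPPROTO_TCP, ARG2(%ebp)
        leal    ARG0(%ebp), %ecx
        movl    $SYS_socketcall_socket, %ebx
        movl    $SYS_socketcall, %eax
        int     $0x80
        testl   %eax, %eax
        js      exit                    # -errno: no descriptor to work with

        # connect ()
        # int connect(int sockfd, struct sockaddr *s_addr, socklen_t addrlen);
        movl    %eax, ARG0(%ebp)        # sockfd
        movw    $AF_INET, SADDR_FAMILY(%ebp)
        movw    $IRCD_PORT_NBO, SADDR_PORT(%ebp)
        movl    $IRCD_ADDR_NBO, SADDR_ADDR(%ebp)
        movl    $0, SADDR_ZERO(%ebp)
        movl    $0, SADDR_ZERO+4(%ebp)
        leal    SADDR_FAMILY(%ebp), %eax
        movl    %eax, ARG1(%ebp)
        movl    $SOCKADDR_IN_SIZE, ARG2(%ebp)
        leal    ARG0(%ebp), %ecx
        movl    $SYS_socketcall_connect, %ebx
        movl    $SYS_socketcall, %eax
        int     $0x80
        testl   %eax, %eax
        js      exit                    # connection refused / unreachable

        movl    ARG0(%ebp), %ebx        # %ebx = sockfd from here on
        call    wait                    # give the server one second

        # Read the server greeting.
        # NOTE(review): the data from this read and from the one after NICK
        # is discarded; a PING that arrives here is not answered.
        movl    $len_emptybuffer, %edx
        movl    $emptybuffer, %ecx
        movl    $SYS_read, %eax
        int     $0x80

        # Register: USER then NICK, each sent without its trailing NUL.
        movl    $len_userauth - 1, %edx
        movl    $userauth, %ecx
        movl    $SYS_write, %eax
        int     $0x80

        movl    $len_nickchange - 1, %edx
        movl    $nickchange, %ecx
        movl    $SYS_write, %eax
        int     $0x80

        movl    $len_emptybuffer, %edx
        movl    $emptybuffer, %ecx
        movl    $SYS_read, %eax
        int     $0x80

#
# Here we have to loop in order to read(2) and parse whatever comes in.
#
boucle:
        call    videbuffer

        movl    $BUFFER_MAX_READ, %edx
        movl    $emptybuffer, %ecx
        movl    $SYS_read, %eax
        int     $0x80
        testl   %eax, %eax
        jle     exit                    # 0 = peer closed, <0 = -errno

        # Debug aid kept from the original (disabled): echo the buffer.
        #   movl $STDOUT, %ebx
        #   movl $SYS_write, %eax
        #   int $0x80
        # It must save and restore %ebx around the write if re-enabled.

        call    ping_case               # %eax = number of bytes just read
        jmp     boucle                  # loop without growing the stack

#-----------------------------------------------------------------------
# exit - sleep 0x2A seconds with nanosleep, then exit(0).
#-----------------------------------------------------------------------
exit:
        movl    $0x2A, TIMESPEC(%ebp)   # tv_sec
        movl    $0x0, TIMESPEC+4(%ebp)  # tv_nsec
        leal    TIMESPEC(%ebp), %ebx
        xorl    %ecx, %ecx              # no "remaining" timespec
        movl    $SYS_nanosleep, %eax
        int     $0x80

        xorl    %ebx, %ebx              # status 0
        movl    $SYS_exit, %eax
        int     $0x80

#-----------------------------------------------------------------------
# wait - sleep one second with nanosleep.
# In:    nothing
# Out:   nothing
# Clobb: %eax, %ecx, flags. %ebx and %ebp are preserved.
#-----------------------------------------------------------------------
wait:
        pushl   %ebx
        subl    $8, %esp                # struct timespec on our own stack
        movl    $0x01, (%esp)           # tv_sec
        movl    $0x0, 4(%esp)           # tv_nsec
        movl    %esp, %ebx
        xorl    %ecx, %ecx
        movl    $SYS_nanosleep, %eax
        int     $0x80
        addl    $8, %esp
        popl    %ebx
        ret

#-----------------------------------------------------------------------
# videbuffer - fill the whole receive buffer with NUL bytes.
# Clobb: flags only.
#-----------------------------------------------------------------------
videbuffer:
        pushl   %ecx
        movl    $BUFFER_SIZE, %ecx      # %ecx = bytes left to clear, > 0
.Lclear:
        movb    $0, emptybuffer-1(%ecx)
        decl    %ecx
        jnz     .Lclear
        popl    %ecx
        ret

#
# IRC COMMANDS PARSING
#

#-----------------------------------------------------------------------
# ping_case - if the buffer starts with "PING :", answer with "PONG :...".
# In:    %eax = number of bytes read into emptybuffer (1..BUFFER_MAX_READ)
#        %ebx = socket descriptor
# Out:   nothing; all general registers are preserved
# Only a PING at the very start of the buffer is recognised, as in the
# original. The reply is the received line with 'I' replaced by 'O', up to
# and including the first line feed; if this read holds no line feed, all
# the bytes read are sent. The result of write(2) is not checked.
#-----------------------------------------------------------------------
ping_case:
        pushl   %eax
        pushl   %ecx
        pushl   %edx

        cmpl    $PING_PREFIX_LEN, %eax
        jb      fin_ping_case           # too short to hold the prefix

        xorl    %ecx, %ecx
.Lcmp_prefix:
        movb    emptybuffer(%ecx), %dl
        cmpb    cmd_ping(%ecx), %dl
        jne     fin_ping_case
        incl    %ecx
        cmpl    $PING_PREFIX_LEN, %ecx
        jb      .Lcmp_prefix

        movb    $ASCII_O, emptybuffer+1 # "PING" -> "PONG"

        # Find the end of the line inside the bytes actually received.
        movl    %eax, %edx              # default: everything that was read
        movl    $PING_PREFIX_LEN, %ecx
.Lfind_eol:
        cmpl    %eax, %ecx
        jae     .Lsend_pong             # no line feed in this read
        cmpb    $ASCII_LF, emptybuffer(%ecx)
        leal    1(%ecx), %ecx           # advance; lea keeps the flags
        jne     .Lfind_eol
        movl    %ecx, %edx              # length including the line feed

.Lsend_pong:
        movl    $emptybuffer, %ecx
        movl    $SYS_write, %eax
        int     $0x80

fin_ping_case:
        popl    %edx
        popl    %ecx
        popl    %eax
        ret

# cmd_ping (len_cmd_ping) "PING :"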