Getting shellcode from asm! macro

I'm trying to write a injector using rust but I've kind of hit an annoying road block. I need to write some assembly as the payloads to inject. Is there some way to reference the internal rustc assembler from within a build script maybe? I know as a last resort I could invoke some other binary from a Makefile/Justfile but I would rather keep things contained within rust.

I've found a solution that works for x86 which happens to fit my specific use case, the iced_x86 crate. However I would still like to know if its possible to interface with the rust assembler to compile to shell code in a more cross platform way.

how can assembly code be "cross platform"? what do you even mean? if you just want to embed the assembly code inside rust code, you can use some global_asm tricks if you know how llvm's module-level assembly works:

I would also like to mention the dynasm crate, which is a assembler engine supporting a custom embedded DSL syntax, ported from the luajit project:

What I mean is to get the actual raw Byte array of compiled opcodes as a variable in rust from some asm file or snippet.

you can get the "raw" bytes of anything (as long the memory layout is well-defined): just transmute, or cast a pointer. you can just export symbols from your assembly code as normal, and reinterpret the symbols as byte pointers. you can achieve this with normal global_asm, or even #[naked] functions.

global_asm is essentially a convinient way to invoke the assember, but from normal rust code. for example, you can even do this:

global_asm!(include_str!("my_asm_file.s"));

What I'm trying to say is:

  • I have some ASM file that I would like to be assembled using the same syntax that the global_asm! macro uses.
  • Instead of linking that asm to the rest of the project, take the raw assembled cpu instructions, as in without ELF or PE headers, and add it as a variable within my rust project, which I could then modify or for example provided as an argument to the PTRACE function for my injector.

Never mind, I just reread your post and realized you gave me the solution. Thanks.

1 Like

This topic was automatically closed 90 days after the last reply. We invite you to open a new topic if you have further questions or comments.