homecrypto

Syscalls

This page goes over the concept of syscalls in x86-64 architecture

Recall at the end of

x86-64 Assembly Cheatsheet

The mention of syscalls, but let us do a slightly deeper dive...

What Are Syscalls?

  • Syscalls (System Calls) are how programs interact with the operating system (OS).

  • They allow programs to request services from the OS, such as:

    • Reading or writing data (e.g., files, console)

    • Allocating memory

    • Exiting a program

    • Communicating with hardware

How Syscalls Work

  • Syscalls are invoked by placing specific values into CPU registers and using a special instruction.

  • The general steps for performing a syscall in x86_64 Assembly:

    1. rax: Specify the syscall number (which service you want).

    2. Registers: Pass additional arguments:

      • rdi: 1st argument

      • rsi: 2nd argument

      • rdx: 3rd argument

      • r10: 4th argument

      • r8: 5th argument

      • r9: 6th argument

    3. Use the syscall instruction to trigger the system call. Here's a table of syscall numbers for reference https://x64.syscall.sh/

PreviousShellcoding

Last updated