`read()`; this is because these functions are simply wrappers around the syscalls, making it much easier for the programmer.
`int 0x80` instruction. Once it's called, the kernel checks the value stored in RAX - this is the syscall number, which defines what syscall gets run. As per the table, the other parameters can be stored in RDI, RSI, RDX, etc., and every parameter has a different meaning for the different syscalls.

`execve` syscall, which executes the program passed to it in RDI. RSI and RDX hold `argv` and `envp` respectively. This means that if there is no `system()` function, we can use `execve` with `/bin/sh` instead - all we have to do is pass in a pointer to `/bin/sh` to RDI, and populate RSI and RDX with `0` (this is because both `argv` and `envp` need to be `NULL` to pop a shell).
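The register convention above, as an added example that is not part of the original page: a small C program that issues raw x86-64 Linux syscalls by loading RAX, RDI, RSI and RDX itself, and shows what the libc wrappers hide (the kernel's raw `-errno` return). The `raw_syscall3` helper and its non-x86 fallback are this example's own constructions.

```c
/* Added example (not from the original page): issuing raw Linux x86-64
 * syscalls with the convention described above: number in RAX,
 * arguments in RDI, RSI, RDX, result back in RAX. */
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/syscall.h>

/* Three-argument raw syscall. The `syscall` instruction clobbers RCX and
 * R11, so the compiler is told about them. On other architectures we fall
 * back to libc's syscall() and translate its -1/errno into the kernel's
 * raw -errno return so both paths behave the same. */
static long raw_syscall3(long nr, long a1, long a2, long a3)
{
#if defined(__x86_64__) && defined(__linux__)
    long ret;
    __asm__ volatile("syscall"
                     : "=a"(ret)                            /* RAX out */
                     : "a"(nr), "D"(a1), "S"(a2), "d"(a3)   /* RAX, RDI, RSI, RDX */
                     : "rcx", "r11", "memory");
    return ret;
#else
    long ret = syscall(nr, a1, a2, a3);
    return ret == -1 ? -errno : ret;
#endif
}

/* write(2) issued directly: fd in RDI, buffer in RSI, length in RDX.
 * Unlike the libc wrapper, a failure comes back as -errno (e.g. -EBADF),
 * which is exactly what the wrapper hides from the programmer. */
static long raw_write(int fd, const char *buf, size_t len)
{
    return raw_syscall3(SYS_write, fd, (long)buf, (long)len);
}

/* getpid(2) takes no arguments: RDI, RSI and RDX are simply ignored. */
static long raw_getpid(void)
{
    return raw_syscall3(SYS_getpid, 0, 0, 0);
}

int main(void)
{
    raw_write(1, "raw write via syscall\n", 22);
    printf("raw getpid %ld, libc getpid %ld\n", raw_getpid(), (long)getpid());
    printf("write to bad fd -> %ld (-EBADF is %d)\n", raw_write(-1, "x", 1), -EBADF);
    return 0;
}
```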