; ----------------------------------------------------------------------
; Test harness for a jmp/call/pop execve("/bin/sh", argv, envp) stub.
; Syntax: NASM (Intel).  Target: 32-bit Linux, int 0x80 syscall ABI
;         (eax = syscall number; args in ebx, ecx, edx).
;
; Layout the stub expects at [esi] (the db line at the end of the file):
;   +0   "/bin/sh"  pathname
;   +7   'J'        placeholder, overwritten with the NUL terminator
;   +8   "AAAA"     placeholder, overwritten with argv[0] = &"/bin/sh"
;   +12  "BBBB"     placeholder, overwritten with argv[1] = NULL (also used as envp)
;
; Why this faults: every byte of the stub, including the db string it
; patches, lives in `Section .text`, which a default link maps read-only
; (R+X).  The first store, `mov byte [esi+7], al`, therefore writes to a
; read-only page and raises SIGSEGV -- the fault shown in the gdb session
; below, with esi already pointing at "/bin/shJAAAABBBB".  A normal program
; keeps mutable data in .data/.bss; the jmp/call/pop trick deliberately
; interleaves data with code, which is exactly what the W^X text mapping
; is there to stop.
;
; NOTE(review): `long` is not a documented NASM size keyword (`dword` is);
; the disassembly shows it was accepted by whatever assembler built this,
; but that has not been verified here.
; ----------------------------------------------------------------------
Section .text
global _start
_start:
jmp short GoToCall                      ; forward jump so the call below can push the string's address
shellcode:
pop esi                                 ; esi = return address pushed by `Call shellcode` = address of the db string
xor eax, eax                            ; eax = 0; reused below as the NUL byte and the NULL pointer
mov byte [esi+7], al                    ; terminate "/bin/sh" by overwriting the 'J' -- FAULTS HERE: [esi] is in read-only .text
lea ebx, [esi]                          ; ebx = esi (address of "/bin/sh")
mov long [esi + 8], ebx                 ; argv[0] = &"/bin/sh" (overwrites "AAAA")
mov long [esi + 12], eax                ; argv[1] = NULL (overwrites "BBBB")
mov byte al, 0x0b                       ; eax = 11 = __NR_execve on i386 Linux
mov ebx, [esi]                          ; NOTE(review): this DEREFERENCES esi -- ebx becomes the dword "/bin", not the pathname
                                        ; address; presumably a transcription of AT&T `movl %esi,%ebx`, which in Intel
                                        ; syntax is `mov ebx, esi`.  execve's first argument would be an invalid pointer
                                        ; even after the store fault above is resolved.  Not reached in the gdb session.
lea ecx, [esi + 8]                      ; ecx = argv (points at the slot written at +8)
lea edx, [esi + 12]                     ; edx = envp (points at the NULL written at +12)
int 0x80                                ; execve(ebx, ecx, edx)
                                        ; No exit path: if execve returns (eax = -errno) execution falls through into
                                        ; GoToCall and re-enters shellcode, so a failing execve spins rather than terminating.
GoToCall:
Call shellcode                          ; pushes the address of the db line as the "return address", then jumps back to shellcode
db "/bin/shJAAAABBBB"                   ; pathname + NUL slot ('J') + argv[0] slot ("AAAA") + argv[1]/envp slot ("BBBB")
编译上面的shellcode后,我得到了下面的反汇编。在第 3 行(偏移 <+3>),我遇到了 Segmentation 错误。
(gdb) disassemble shellcode
Dump of assembler code for function shellcode:
0x08049002 <+0>: pop %esi
0x08049003 <+1>: xor %eax,%eax
=> 0x08049005 <+3>: mov %al,0x7(%esi)
0x08049008 <+6>: lea (%esi),%ebx
0x0804900a <+8>: mov %ebx,0x8(%esi)
0x0804900d <+11>: mov %eax,0xc(%esi)
0x08049010 <+14>: mov $0xb,%al
0x08049012 <+16>: mov (%esi),%ebx
0x08049014 <+18>: lea 0x8(%esi),%ecx
0x08049017 <+21>: lea 0xc(%esi),%edx
0x0804901a <+24>: int $0x80
End of assembler dump.
(gdb) printf "%s", $esi
/bin/shJAAAABBBB(gdb) printf "%s", $esi+7
JAAAABBBB(gdb) si
Program received signal SIGSEGV, Segmentation fault.
0x08049005 in shellcode ()
(gdb)