Why can't I sys_write from a pointer to stack memory, using int 0x80? [duplicate]

Answer 1

amd64 uses a different method for system calls than int 0x80, although that might still work with 32-bit libraries installed, etc. Whereas on x86 one would do:

mov eax, SYSCALL_NUMBER
mov ebx, param1
mov ecx, param2
mov edx, param3
int 0x80

on amd64 one would instead do this:

mov rax, SYSCALL_NUMBER_64 ; different from the x86 equivalent, usually
mov rdi, param1
mov rsi, param2
mov rdx, param3
syscall

For what you want to do, consider the following example:

        bits 64
        global _start

section .text

_start:
        push            0x0a424242
        mov             rdx, 04h
        lea             rsi, [rsp]
        call            write
        call            exit
exit:
        mov             rax, 60     ; exit()
        xor             rdi, rdi    ; errno
        syscall

write:
        mov             rax, 1      ; write()
        mov             rdi, 1      ; stdout
        syscall
        ret

Answer 2

30 decimal is the code of the ASCII "record separator". Whatever that is, it's probably not a printable character.

30 hexadecimal (30h or 0x30 in NASM parlance), on the other hand, is the code of the ASCII "0".

Also, you need to use the 64-bit ABI.