I wrote an assembly code
section .data
text db "Hello, World!", 10
length equ $ - text
section .text
global _start
_start:
mov rax, 1
mov rdi, 1
mov rsi, text
mov rdx, length
syscall
mov rax, 60
mov rdi, 0
syscall
I assembled it using
nasm -f win64 main.asm
and linked it using
link main.obj /subsystem:console /entry:_start /out:main.exe /LARGEADDRESSAWARE:NO
and I ran the ./main file, but it shows nothing. It was suppose to print hello world.
PS C:\Users\user\Documents\Project> ./main
PS C:\Users\user\Documents\Project> nasm -f win64 main.asm; link main.obj /subsystem:console /entry:_start /out:main.exe /LARGEADDRESSAWARE:NO; ./main
Microsoft (R) Incremental Linker Version 14.41.34120.0
Copyright (C) Microsoft Corporation. All rights reserved.
PS C:\Users\user\Documents\Project>
syscallwith RAX=1 means something completely different to a Windows kernel than a Linux kernel. github.com/j00ru/windows-syscalls?tab=readme-ov-file has Windows system-call tables reverse-engineered for various Windows kernel versions (because the numbers aren't stable across versions; unlike Linux, it's not a stable API that anyone is supposed to use directly, only the Windows DLLs are intended to use it.) On some kernel versions, RAX=1 isNtWaitForSingleObject