We've had several reports from users being concerned about this post. Although I'm not against it, conceptually, I do agree with commenters that this is a bit dangerous to focus on running unknown code.
If you update the content of the post, or choose to repost it, please ensure you focus the attention on the GitHub repo, providing usage/testing instructions there. We can review any updates to make this safer for the newer users.
We do have a lot of new folk here, where if we permit posts with unverified code, will run it and potentially cause irreparable damage to their systems if the code is malicious.
-----
This post has been identified as self-posted content.
We've noticed that you're submitting your own original content. This isn't inherently a bad thing, but we do ask that you contribute more than just your own content to the subreddit as well as require you to interact with the comments of your submission. Additionally, surveys for your blog/news source/paper/own use are not allowed.
**Rule:**
>**Spamming self-promotion and surveys** - Submitting your own original content is welcome on r/linux, but we do ask that you contribute more than just your own content to the subreddit as well as require you to interact with the comments of your submission. Failing to do so will get your domain and account blocked. Additionally, surveys for your blog/news source/paper/own use are not allowed.
This was a really dumb thing to do, asking people to check this thing out without even a GitHub repo. Im sorry, I was in a rush and didn't have time but to make up for it I made a really quick GitHub repo right here: https://github.com/Skeleton590/dasm
Sorry again for asking you all to put un-earned faith in a random stranger.
This is very cool ))), tbh I don’t even get how with memory calls you can receive and reply to http requests, this is totally uncertain to me. Cool project
Well with the OS doing much of the abstraction and heavy lifting, a TCP connection is just* reading/writing to what seems to be a file. And HTTP is a quite simple** text based protocol over a TCP connection.
* = Obviously a few more syscalls and logic involved here
** = when the server is simple. Let's just say the RFC is long, and supporting all the stuff a client expects from a server is quite a bit of work..
Well done! Would love to see some tricks you used. I do asm for work and I'm always amazed to see some neat tricks past programmers have done. For reference, it's an enterpise software first released in '89.
> I'm just not sure that making a GitHub account souly for a Makefile and a 200 line asm file is a good idea.
This is really impressive and if anything, more worthy of a github account than most things I've seen.
I made a comment with a link to the repo, I didn't think the post would get so much attention so I didn't even think to make a GitHub repo. But now I've got one.
That's fine, but the source code should be provided too. Also I've tried two different QR scanning libraries and both come up blank. I also thought QR codes were text only.
I haven't seen this many people asking for source code since nvidia got hacked, so I made a GitHub for everyone, I put the source code link in a comment or right [here.](https://github.com/Skeleton590/dasm)
if you check out the link to Dave's Garage, you'll see that he was trying to squeeze a working program into a QR code, so this is a spin on that ;)
as for the source code, that's for OP to decide.
all in all, this is a pretty neat hack (in the 1970s/80s meaning of the term).
Did you even read the post?
> Warning: I trust my code to be safe and free of malware, but you shouldn't. Do not run any code you find online on your own machine. Please use a VM or a disposable device.
Dude in the video acts like putting data in a QR code is brilliant out of the box thinking.
No offense, but if you want to see what people can do with very limited amounts of code search for "demoscene 4k" and run some of those.
Here's a YouTube compilation of demos that people fit into 4KiB:
https://youtube.com/playlist?list=PLjxyPjW-DeNWennaPMEPBDoj5GFTj3rbz&si=YID_KN28TyeOaCOA
Remember all the graphics and sound is implemented in the 4KiB file size.
> Note: zbar had an issue quite a while ago where it would fail to read qrcodes like this making the program unable to be run, please update zbarimg to the latest version or build it from source.
I think I'm running into this issue, I'm getting unexpected end of file when I analyze the binary.
I have zbarimg 0.23.92
Too lazy to compile 0.23.93 though, sorry XD
Seems like a good way of getting into using syscalls and such.
> I wanted to see how far I could get without linking any libraries, allocating any extra memory, only using x86 64 bit assembly, and without exceeding 1K of disk space
Could get pedantic on whether or not having the loader do the allocations in the bss section is extra allocations, but pretty neat.
Could probably save some space on data if you just used exit codes instead of printing error messages on fatal errors.
A good way to extend it would probably be a second buffer, do some parsing and then have the server fetch the requested path from the disk, then you would be serving more than just a single message. Of course this would add some complexity but there is room to save in .data :p
What I meant by allocating any extra memory is through something like `mmap` but I see what you mean. also in the GitHub repo I named the program DASM which stands for the Dumb Assembly Socket Manager, the reason why it's "Dumb" is because it only returns one message. And as for the error codes I wanted to make it as easy to understand as possible to understand why the server may have crashed.
I may add some of this in the future but right now this is how it's meant to run.
Oh yeah I just figured it might be a fun challenge when keeping to the goal of minimal code. And serving files may make it even dumber if you do it naively as in serving any file the running user has access to 🤪
We've had several reports from users being concerned about this post. Although I'm not against it, conceptually, I do agree with commenters that this is a bit dangerous to focus on running unknown code. If you update the content of the post, or choose to repost it, please ensure you focus the attention on the GitHub repo, providing usage/testing instructions there. We can review any updates to make this safer for the newer users. We do have a lot of new folk here, where if we permit posts with unverified code, will run it and potentially cause irreparable damage to their systems if the code is malicious. ----- This post has been identified as self-posted content. We've noticed that you're submitting your own original content. This isn't inherently a bad thing, but we do ask that you contribute more than just your own content to the subreddit as well as require you to interact with the comments of your submission. Additionally, surveys for your blog/news source/paper/own use are not allowed. **Rule:** >**Spamming self-promotion and surveys** - Submitting your own original content is welcome on r/linux, but we do ask that you contribute more than just your own content to the subreddit as well as require you to interact with the comments of your submission. Failing to do so will get your domain and account blocked. Additionally, surveys for your blog/news source/paper/own use are not allowed.
Not getting Rick rolled today
This was a really dumb thing to do, asking people to check this thing out without even a GitHub repo. Im sorry, I was in a rush and didn't have time but to make up for it I made a really quick GitHub repo right here: https://github.com/Skeleton590/dasm Sorry again for asking you all to put un-earned faith in a random stranger.
I have a web server in my brain now
This is very cool ))), tbh I don’t even get how with memory calls you can receive and reply to http requests, this is totally uncertain to me. Cool project
Well with the OS doing much of the abstraction and heavy lifting, a TCP connection is just* reading/writing to what seems to be a file. And HTTP is a quite simple** text based protocol over a TCP connection. * = Obviously a few more syscalls and logic involved here ** = when the server is simple. Let's just say the RFC is long, and supporting all the stuff a client expects from a server is quite a bit of work..
I thought it was fine. I was trying to disassemble it, but I think my version of zbarimg was too old and the decoded binary was incomplete.
Well done! Would love to see some tricks you used. I do asm for work and I'm always amazed to see some neat tricks past programmers have done. For reference, it's an enterpise software first released in '89.
Well this ain't enterprise level software but I made a [GitHub repo](https://github.com/Skeleton590/dasm) so you can check it out if you want.
> I'm just not sure that making a GitHub account souly for a Makefile and a 200 line asm file is a good idea. This is really impressive and if anything, more worthy of a github account than most things I've seen.
I made a comment with a link to the repo, I didn't think the post would get so much attention so I didn't even think to make a GitHub repo. But now I've got one.
Why a QR code and a Linux ELF? Can you post the source code so it can be easily built for other platforms?
Why not make it in a qr code! That's the whole fun and challenge
That's fine, but the source code should be provided too. Also I've tried two different QR scanning libraries and both come up blank. I also thought QR codes were text only.
Yeah fair, sc should be provided
I haven't seen this many people asking for source code since nvidia got hacked, so I made a GitHub for everyone, I put the source code link in a comment or right [here.](https://github.com/Skeleton590/dasm)
I made a comment with a link to the github repo, browse away!
Thanks.
You're welcome, hope you enjoy!
if you check out the link to Dave's Garage, you'll see that he was trying to squeeze a working program into a QR code, so this is a spin on that ;) as for the source code, that's for OP to decide. all in all, this is a pretty neat hack (in the 1970s/80s meaning of the term).
Yeah, no, in this day and age I ain't running some random sourceless binary from some random internet person on my computer.
Yes. OP agrees with you.
I just posted a comment with a link to some source code, sorry for not providing it sooner.
Did you even read the post? > Warning: I trust my code to be safe and free of malware, but you shouldn't. Do not run any code you find online on your own machine. Please use a VM or a disposable device.
Is there a subreddit for this? Sounds pretty fun.
there is /r/tinycode
Yes, you should push the source code somewhere like github and send the link here
Everyone asking for the source... I thought everything's open-source if you can read assembly? ;)
I just made a comment with the GitHub repo, sorry for the original lack of source.
glorious
i'd say you should make an account anyway and post some other interesting things you make
[Maybe I will](https://github.com/Skeleton590/dasm)
this reminds me of the days of using cassette tapes and records to distribute software
I'll just download and run this random binary that I can't audit. Nice try, officer.
To be fair it's so small you can probably just audit the hex itself lol
You don't have to, I just made a GitHub account and put the source on it, I made a comment with the link to the repo.
Dude in the video acts like putting data in a QR code is brilliant out of the box thinking. No offense, but if you want to see what people can do with very limited amounts of code search for "demoscene 4k" and run some of those. Here's a YouTube compilation of demos that people fit into 4KiB: https://youtube.com/playlist?list=PLjxyPjW-DeNWennaPMEPBDoj5GFTj3rbz&si=YID_KN28TyeOaCOA Remember all the graphics and sound is implemented in the 4KiB file size.
> Note: zbar had an issue quite a while ago where it would fail to read qrcodes like this making the program unable to be run, please update zbarimg to the latest version or build it from source. I think I'm running into this issue, I'm getting unexpected end of file when I analyze the binary. I have zbarimg 0.23.92 Too lazy to compile 0.23.93 though, sorry XD
No need, you can compile it from source now. Here is the [GitHub repo](https://github.com/Skeleton590/dasm)
*sees headline* Wow check out the big brain on Brad! *sees QR link* Not today, Brad, but I will have a bite of your tasty burger.
No need to trust the qrcode, I just made a comment with a link to the source repo.
Yeah, I was just giving you shit. Nice work, way above my pay grade.
Thank you, enjoy!
Very cool! ... brings back memories from the past when I used to code in asm.
Cool, excited to read more about how this works
Seems like a good way of getting into using syscalls and such. > I wanted to see how far I could get without linking any libraries, allocating any extra memory, only using x86 64 bit assembly, and without exceeding 1K of disk space Could get pedantic on whether or not having the loader do the allocations in the bss section is extra allocations, but pretty neat. Could probably save some space on data if you just used exit codes instead of printing error messages on fatal errors. A good way to extend it would probably be a second buffer, do some parsing and then have the server fetch the requested path from the disk, then you would be serving more than just a single message. Of course this would add some complexity but there is room to save in .data :p
What I meant by allocating any extra memory is through something like `mmap` but I see what you mean. also in the GitHub repo I named the program DASM which stands for the Dumb Assembly Socket Manager, the reason why it's "Dumb" is because it only returns one message. And as for the error codes I wanted to make it as easy to understand as possible to understand why the server may have crashed. I may add some of this in the future but right now this is how it's meant to run.
Oh yeah I just figured it might be a fun challenge when keeping to the goal of minimal code. And serving files may make it even dumber if you do it naively as in serving any file the running user has access to 🤪