Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Basic Noob assembly Question


  • Please log in to reply
9 replies to this topic

#1 ranget

ranget

  • Members
  • 250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:31 PM

Posted 05 February 2012 - 05:08 PM

;
; This program runs in 32-bit protected mode.
;  build: nasm -f elf -F stabs name.asm
;  link:  ld -o name name.o
;
; In 64-bit protected mode you can use 64-bit registers (e.g. rax instead of eax, rbx instead of ebx, etc..)
; Also change "-f elf " for "-f elf64" in build command.
;
section .data                           ; section for initialized data
str:     db 'Hello world!', 0Ah         ; message string with new-line char at the end (10 decimal)
str_len: equ $ - str                    ; calcs length of string (bytes) by subtracting this' address ($ symbol) from the str's start address
 
section .text                           ; this is the code section
global _start                           ; _start is the entry point and needs global scope to be 'seen' by the linker -equivalent to main() in C/C++
_start:                                 ; procedure start
        mov    eax, 4                   ; specify the sys_write function code (from OS vector table)
        mov    ebx, 1                   ; specify file descriptor stdout -in linux, everything's treated as a file, even hardware devices
        mov    ecx, str                 ; move start _address_ of string message to ecx register
        mov    edx, str_len             ; move length of message (in bytes)
        int    80h                      ; tell kernel to perform the system call we just set up - in linux services are requested through the kernel
        mov    eax, 1                   ; specify sys_exit function code (from OS vector table)
        mov    ebx, 0                   ; specify return code for OS (0 = everything's fine)
        int    80h                      ; tell kernel to perform system call



IDK i just wanted to start in Assembly world
anyway Got a video tut about 32bit assembly programming and the Teacher used a two Hello World samples
i couldn't understand can someone Explain those extremely basic Programs :)
(i didn't understand the annotation )

also if some one Can help me just Look for free Resources for Assembly Language on the internet that will be helpful
i already tried looking i just keep Hitting the Wall

any way just wanted to tell that i want to learn Assembly to start in RE malware World
also if you can give me some tips about that :)

A big thanks to Dider Stevens

sorry for not being around

 


BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:31 PM

Posted 06 February 2012 - 10:56 AM

From what line on do you fail to understand what your program does?

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 ranget

ranget
  • Topic Starter

  • Members
  • 250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:31 PM

Posted 06 February 2012 - 12:53 PM

This program runs in 32-bit protected mode.

just kidding


the question is i don't understand how all this assembly stuff works maybe cuz i'm c# programmer Aka noob

anyway

why do we have two section section for text and another for data

okay my understanding is why we Load the registers with 4 and 1

mov eax, 4 ; specify the sys_write function code (from OS vector table)
mov ebx, 1



i find this sample is very confusing and hard can you show me a simpler one just for 32 bit

A big thanks to Dider Stevens

sorry for not being around

 


#4 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:02:31 PM

Posted 06 February 2012 - 03:01 PM

All programs have an instruction section and a data section. You just don't see it while the program is being executed..

There are about a bazillion assembly tutorials online, and in reality, the example you found is as basic as it gets. You need to read a lot before you are going to understand what is happening. Are you able to get the program working?

Maybe this will help:
http://www.drpaulcarter.com/pcasm/pcasm-book-pdf.zip

#5 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:31 PM

Posted 06 February 2012 - 04:45 PM

When you get the program running, try running it with a debugger and single step through it, this will make things cleared.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#6 ranget

ranget
  • Topic Starter

  • Members
  • 250 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:31 PM

Posted 13 February 2012 - 01:32 PM

thanks for the Help Guys i will try Reading more about the architecture of the computer and Using a Debugger it's an excellent idea thanks for the help

A big thanks to Dider Stevens

sorry for not being around

 


#7 DavidWJ

DavidWJ

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:31 PM

Posted 20 February 2012 - 02:21 AM

It might help to download the intel instruction set.

#8 A Future Pilot

A Future Pilot

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:TN, USA
  • Local time:03:31 PM

Posted 28 February 2012 - 10:50 PM

I don't know if you're set on learning Intel's assembly language...a better one to learn on may be MIPS. Just a thought :)

#9 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:02:31 PM

Posted 29 February 2012 - 07:48 AM

I don't know if you're set on learning Intel's assembly language...a better one to learn on may be MIPS. Just a thought


Just another thought. It might be helpful to elaborate on why MIPS may be 'better' (whatever that means).

#10 A Future Pilot

A Future Pilot

  • Members
  • 78 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:TN, USA
  • Local time:03:31 PM

Posted 29 February 2012 - 11:23 AM

Well MIPS has a much stricter convention than Intel...the developers did their very best to make everything uniform and simple. And (IMO) it's easier to understand. Just comparing MIPS code snippets to Intel code snippets, MIPS is easier to read. That's just my opinion :) (I'm currently taking a class in MIPS programming)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users