Introduction

I’m writing a series of tutorials on x86 assembly for C programmers who are already familiar with many of the basics of programming and computing. The assembly tutorials available online just aren’t doing it for me; I need something organized the way I think, on the topics I’m interested in, presented in a way that makes comprehensive understanding easy. I’ll do the work, go find the answers, and then drop everything here for you to enjoy. Please note that I do not claim to be an expert on assembly language.

My interest in assembly is in optimizing C applications and in developing exploits for vulnerabilities in common applications, not in writing applications in assembly from scratch. I’m not interested in “good” examples of assembly; I’m interested in real examples. This affects the assembly we look at. More specifically, I write the code in C, compile it with gcc, and what comes out is what we’ll be dissecting. These tutorials use 32-bit x86 assembly. Everything is compiled, built and disassembled on the latest stable Ubuntu release.
References

The Art of Assembly is an excellent reference, and if you need clarification of any of the topics discussed, I recommend checking it out. Chapter six covers all of the instructions, how they work, and what specifically they do.
Thanks To:

Bushmills from ##asm on irc.freenode.net, for taking the time to explain to a noob why the first 7 lines of assembly were what they were.
The Code

Let’s take a look at a simple C application and its disassembled assembly code.
gcc one.c -o one

#include <stdio.h>

int main (int argc, char * argv [])
{
    int i;
    argc++;
    for (i = 0; i < 10; i++)
        printf("%d\n", i);
    return 0;
}

Disassembled counterpart (for main):

objdump -d one -M intel
080483c4 <main>:
 80483c4:   8d 4c 24 04             lea    ecx,[esp+0x4]
 80483c8:   83 e4 f0                and    esp,0xfffffff0
 80483cb:   ff 71 fc                push   DWORD PTR [ecx-0x4]
 80483ce:   55                      push   ebp
 80483cf:   89 e5                   mov    ebp,esp
 80483d1:   51                      push   ecx
 80483d2:   83 ec 24                sub    esp,0x24
 80483d5:   83 01 01                add    DWORD PTR [ecx],0x1
 80483d8:   c7 45 f8 00 00 00 00    mov    DWORD PTR [ebp-0x8],0x0
 80483df:   eb 17                   jmp    80483f8
 80483e1:   8b 45 f8                mov    eax,DWORD PTR [ebp-0x8]
 80483e4:   89 44 24 04             mov    DWORD PTR [esp+0x4],eax
 80483e8:   c7 04 24 d0 84 04 08    mov    DWORD PTR [esp],0x80484d0
 80483ef:   e8 04 ff ff ff          call   80482f8
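The listing shows two things side by side: the raw bytes gcc emitted and the mnemonics objdump recovered from them. To make that correspondence concrete, here is an added example (my own code, not from the original post or from objdump): a minimal decoder for exactly the opcodes, ModRM/SIB forms and immediate sizes that appear in this main(). The byte array is constructed from the listing above and assumed to be loaded at 0x80483c4; the function and variable names (decode, decode_modrm, disassemble, main_bytes) are my own. Branch targets are printed with a 0x prefix and without objdump’s <symbol+offset> annotations, and any encoding outside the listing’s set is rejected with -1 rather than guessed at.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Register names indexed by the 3-bit register number in opcodes and ModRM. */
static const char *reg32[8] = {"eax","ecx","edx","ebx","esp","ebp","esi","edi"};
static const char *grp1[8]  = {"add","or","adc","sbb","and","sub","xor","cmp"};

static uint32_t rd32(const uint8_t *p)          /* little-endian imm32 / rel32 */
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Decode ModRM (+SIB, +disp8) at p: r/m operand text to operand, reg field to
 * *reg, *is_mem set for memory forms. Returns bytes consumed, or -1 for forms
 * this toy does not handle (scaled index, disp32, absolute addressing). */
static int decode_modrm(const uint8_t *p, int *reg, int *is_mem, char *operand, size_t n)
{
    int mod = p[0] >> 6, rm = p[0] & 7, len = 1;
    const char *base;
    *reg = (p[0] >> 3) & 7;
    *is_mem = (mod != 3);
    if (mod == 3) { snprintf(operand, n, "%s", reg32[rm]); return len; }
    if (mod == 2 || (rm == 5 && mod == 0)) return -1;
    if (rm == 4) {                          /* rm=100: a SIB byte follows */
        int index = (p[1] >> 3) & 7, b = p[1] & 7;
        if (index != 4 || (b == 5 && mod == 0)) return -1;   /* index=100 means none */
        base = reg32[b];
        len++;
    } else {
        base = reg32[rm];
    }
    if (mod == 1) {                         /* signed 8-bit displacement */
        int d = (int8_t)p[len++];
        if (d < 0)      snprintf(operand, n, "[%s-0x%x]", base, (unsigned)-d);
        else if (d > 0) snprintf(operand, n, "[%s+0x%x]", base, (unsigned)d);
        else            snprintf(operand, n, "[%s]", base);
    } else {                                /* mod == 0: no displacement */
        snprintf(operand, n, "[%s]", base);
    }
    return len;
}

/* Decode one instruction at p (virtual address addr) into Intel syntax. Returns
 * its length in bytes, or -1 for an encoding outside the listing's set. Assumes
 * p points at a complete instruction; there is no truncation check inside. */
int decode(const uint8_t *p, uint32_t addr, char *out, size_t n)
{
    char mem[32]; int reg, is_mem, len; const char *sz;
    if (p[0] >= 0x50 && p[0] <= 0x57) {    /* push r32: 0x50 + register number */
        snprintf(out, n, "push %s", reg32[p[0] - 0x50]); return 1;
    }
    if (p[0] == 0xeb) {                     /* jmp rel8: target is relative to the next instruction */
        snprintf(out, n, "jmp 0x%x", (unsigned)(addr + 2 + (int8_t)p[1])); return 2;
    }
    if (p[0] == 0xe8) {                     /* call rel32 */
        snprintf(out, n, "call 0x%x", (unsigned)(addr + 5 + (int32_t)rd32(p + 1))); return 5;
    }
    switch (p[0]) { case 0x89: case 0x8b: case 0x8d: case 0x83: case 0xc7: case 0xff: break; default: return -1; }
    if ((len = decode_modrm(p + 1, &reg, &is_mem, mem, sizeof mem)) < 0) return -1;
    sz = is_mem ? "DWORD PTR " : "";        /* objdump's size hint for memory operands */
    switch (p[0]) {
    case 0x89: snprintf(out, n, "mov %s%s,%s", sz, mem, reg32[reg]); return 1 + len;
    case 0x8b: snprintf(out, n, "mov %s,%s%s", reg32[reg], sz, mem); return 1 + len;
    case 0x8d: snprintf(out, n, "lea %s,%s", reg32[reg], mem); return 1 + len; /* lea: no memory access */
    case 0x83: /* group 1: the reg field selects add/or/.../cmp; imm8 is sign-extended to 32 bits */
        snprintf(out, n, "%s %s%s,0x%x", grp1[reg], sz, mem, (unsigned)(int32_t)(int8_t)p[1 + len]);
        return 2 + len;
    case 0xc7: if (reg != 0) return -1;     /* mov r/m32, imm32 is defined for /0 only */
        snprintf(out, n, "mov %s%s,0x%x", sz, mem, (unsigned)rd32(p + 1 + len)); return 5 + len;
    case 0xff: if (reg != 6) return -1;     /* group 5: only /6 = push r/m32 handled */
        snprintf(out, n, "push %s%s", sz, mem); return 1 + len;
    default:   return -1;
    }
}

/* Constructed input: the bytes of main() exactly as the listing above shows
 * them, loaded at 0x80483c4 (only the portion the post reproduces). */
static const uint8_t main_bytes[] = {
    0x8d,0x4c,0x24,0x04, 0x83,0xe4,0xf0, 0xff,0x71,0xfc, 0x55, 0x89,0xe5, 0x51,
    0x83,0xec,0x24, 0x83,0x01,0x01, 0xc7,0x45,0xf8,0x00,0x00,0x00,0x00, 0xeb,0x17,
    0x8b,0x45,0xf8, 0x89,0x44,0x24,0x04, 0xc7,0x04,0x24,0xd0,0x84,0x04,0x08,
    0xe8,0x04,0xff,0xff,0xff
};

/* Decode a byte range, printing objdump-style lines. Returns the instruction
 * count, or -1 on an unknown encoding or an instruction running past size. */
int disassemble(const uint8_t *code, size_t size, uint32_t base)
{
    size_t off = 0; int count = 0; char text[64];
    while (off < size) {
        int len = decode(code + off, (uint32_t)(base + off), text, sizeof text);
        if (len < 0 || off + (size_t)len > size) return -1;
        printf("%8x:\t", (unsigned)(base + off));
        for (int i = 0; i < len; i++) printf("%02x ", code[off + i]);
        printf("\t%s\n", text);
        off += len; count++;
    }
    return count;
}

int main(void) { return disassemble(main_bytes, sizeof main_bytes, 0x80483c4) == 14 ? 0 : 1; }
```

Compile with `gcc -std=c99 -Wall decode.c` and run it: the output is the 14 lines of the listing, minus objdump’s symbol annotations. Two details worth noticing while reading the decoder against the listing: `and esp,0xfffffff0` is only three bytes because opcode 0x83 carries a sign-extended 8-bit immediate, and the `[esp+0x4]` and `[esp]` operands need an extra SIB byte (0x24) because rm=100 in ModRM is reserved to mean “SIB follows” rather than “esp”.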