Showing results for tags 'intel'.
Found 8 results

  1. SPOILER is the newest speculative attack affecting Intel's micro-architecture. Researchers out of the Worcester Polytechnic Institute and University of Lubeck discovered this new speculative attack dubbed SPOILER, Speculative Load Hazards Boost Rowhammer and Cache Attacks. Intel was notified of this issue a few months ago but no software/hardware fix appears ready yet, while the researchers claim there might not be an effective software solution available at least anytime soon -- and any mitigation would likely come at a performance cost, as we've seen with Spectre and Meltdown over the past year. AMD and ARM CPUs aren't believed to be impacted by SPOILER. In this work, we are the first to show that the dependency resolution logic that serves the speculative load can be exploited to gain information about the physical page mappings. Microarchitectural side-channel attacks such as Rowhammer and cache attacks rely on the reverse engineering of the virtual-to-physical address mapping. We propose the SPOILER attack which exploits this leakage to speed up this reverse engineering by a factor of 256. Then, we show how this can improve the Prime+Probe attack by a 4096 factor speed up of the eviction set search, even from sandboxed environments like JavaScript. Finally, we improve the Rowhammer attack by showing how SPOILER helps to conduct DRAM row conflicts deterministically with up to 100% chance, and by demonstrating a double-sided Rowhammer attack with normal user’s privilege. The latter is due to the possibility of detecting contiguous memory pages using the SPOILER leakage. The SPOILER Research Paper can be read here. Source: Phoronix
  2. Hello, here we have the only real Meltdown PoC, which works without problems (tested by me). https://github.com/IAIK/meltdown This repository contains several videos demonstrating Meltdown. Video #1 shows how Meltdown can be used to spy in realtime on a password input. Video #2 shows how Meltdown leaks physical memory content. Video #3 shows how Meltdown reconstructs a photo from memory. Video #4 shows how Meltdown reconstructs a photo from memory which is encoded with the FLIF file format. Video #5 shows how Meltdown leaks uncached memory. I tried to extract the password from a Chrome login (the password was not saved, only typed in for the login); it works like a charm. Come on, go play!
  3. I don't care who you are or what you host. I have only one processor model and one amount of RAM; it cannot be more or less: Processor: Dual Intel Xeon 5650 RAM: 32gb ram Internet speed: 1 Gb/s Price: 40 dollars BTC address: 17swy2fjpsTQzc4fosSj37mzigHVTqg8sR T.O.S Examples of unacceptable content or links: Child pornography Weapons sites Medicine sites
  4. Scammers use phishing emails to get consumers to click on links to websites they've created solely for the purpose of information theft. They trick users into typing their names, addresses, login IDs, passwords or credit card information into fields on sites that look like they belong to real companies. In some cases, just clicking the link provided in an email will automatically drop malware onto the user's device. Once the malware is installed, hackers can easily steal the victim's information without their knowledge. Phishers are getting better and better at making their traps look real, copying logos and creating sham urls and email addresses that look like actual corporate credentials. The Intel quiz displayed 10 real emails delivered to inboxes and collected by analysts at McAfee Labs, which is part of Intel Security. Some were legitimate correspondences from major companies, while others were phishing emails that look extremely believable. Of the 19,458 people who took the quiz, the vast majority -- 80 percent -- fell for at least one of the fake phishing emails they saw. Only 3 percent got a perfect score. Interestingly, the one email that was most often misidentified in the quiz was actually a legitimate letter. It raised false alarm bells by encouraging readers to claim free ads, a clicky turn of phrase that made people wary. Compared to the other 143 countries represented in the survey, the U.S. ranked 27th overall in ability to detect phishing. Americans' average 68 percent accuracy was just a few points above the global average. France, Sweden, Hungary, the Netherlands and Spain turned in the best performances. The results serve as yet another reminder to click with caution -- or not click at all. Intel Security's Gary Davis urged people to keep security software and browsers up to date to help weed out malicious sites and downloads, and to hover over links before clicking on them to make sure they point where they say they do. 
He also warned of obvious red flags, such as misspellings or bad grammar, that can help tip you off to a fraudulent correspondence. Want to see how you'd do on the quiz? You can try your hand at it above. If you don't score well, don't take it too hard. When Intel circulated an earlier version of it to Internet security professionals last year, 94 percent were fooled at least once. Source
  5. Intel Security (formerly McAfee) has announced a security platform designed to protect both new and legacy infrastructure within the electric power grid. Dubbed Intel Security Critical Infrastructure Protection (CIP), the solution was developed in collaboration with the Department of Energy-funded Discovery Across Texas smart grid project including deployment at Texas Tech University, and is a joint project of Intel Security and Wind River. Intel Security CIP works by separating the security management functions of the platform from the operational applications, allowing the operational layer to be secured, monitored and managed, the company explained. According to Intel Security, the security platform can be applied with little or no changes to business processes or application software, and can be retrofitted onto many existing systems. Features include protection such as device identity, malware protection, data protection and resiliency. Intel believes the solution can be leveraged beyond the power grid and could be equally effective for departments of defense, oil and gas firms, medical applications, and other areas. According to a study sponsored by Intel, “In the Dark: Crucial Industries Confront Cyberattacks,” of the 200 CIP executives surveyed globally, 32% had not adopted special security measures for smart grid controls. Yet 33% anticipated a major cybersecurity incident within 12 months. “The risk of cyberattacks on critical infrastructure is no longer theoretical, but building security into the grid is challenging due to the amount of legacy infrastructure and the importance of availability of service,” Lorie Wigle, Vice President of Internet of Things Security Solutions for Intel Security, said in a statement. “Traditional security measures such as patching and rebooting are often inappropriate for the grid, so we set out to design something entirely different that could be non-invasive but simultaneously robust.” “From December 2013 to January 2015, the Intel Security CIP was in a field trial at Texas Tech University, where it performed as required by NIST standards and withstood penetration testing, as well as protected the synchrophasor applications during the Heartbleed vulnerability and Havex attacks,” said Milton Holloway, President & COO, Center for the Commercialization of Electric Technologies. “This project was an outstanding example of a successful public-private partnership in that it produced technologies that are market-ready. What could be a better outcome of a demonstration project?” Source: securityweek.com
  6. Intel Parallel Studio XE 2015 ISO-TBE | 2.21GB Intel® Parallel Studio XE 2015 tool suite simplifies the design, development, debug, and tuning of code that utilizes parallel processing to boost application performance. Get more application performance with less effort on compatible Intel® processors and coprocessors. Three editions based on your development needs: Composer Edition includes compilers, performance libraries, and parallel models optimized to build fast parallel code. Professional Edition includes everything in the Composer edition. It adds performance profiler, threading design/prototyping, and memory & thread debugger to design, build, debug and tune fast parallel code. Cluster Edition includes everything in the Professional edition. It adds a MPI cluster communications library, along with MPI error checking and tuning to design, build, debug and tune fast parallel code that includes MPI. DOWNLOAD LINKS:
  7. Gigabyte Intel 8 Series DVD v1.0 (GA-B85M-D3H) | SIZE : 3.27 GB A complete set of drivers and additional software for Gigabyte Motherboard chipset 8 Series Content Disc Chipset: HECI Intel ® Management Engine Interface. INFUpdate Intel ® Chipset Device Software. IntelUSB30 Intel USB 3.0 Driver. IRST Intel Rapid Storage Technology driver. RenesasUSB Renesas USB 3.0 Driver. Vga Intel VGA Driver. Antivirus: Norton Norton Internet Security. Audio: Creative Creative Sound Driver. Creative SB Creative Utility. Realtek Realtek Audio Driver. VIA VIA Audio Driver. BootDrv: iRST Intel Rapid Storage Boot driver Marvell Marvell Boot driver Network: Atheros Atheros LAN driver. Intel Intel LAN driver. Bigfoot Bigfoot LAN Driver. RTL other Realtek LAN driver for other OS. RTL8111 Realtek PCI-E LAN driver. RTLTOOL Realtek LAN tools. Other: GCDROM CD-ROM driver patch. GSATA GIGABYTE SATA driver. IFX Infineon TPM driver. Marvell Marvell RAID / AHCI Driver. Utility: Adobe Acrobat reader. AtherosSmartNet Atheros SmartNet. Cfosspeed. Dolby Utility. Gigabyte All Gigabyte Utility. GoogleChrome Google Chrome Browser. GoogleTool Google Tool. HOTFIX Hotfix. IRST_SW Intel ® Rapid Start Technology Software. ISCT Intel ® Smart Connect Technology. Lan Optimizer. NET_Framework. NET Framework 3.5 Installer. SBA Intel ® Small Business Advantage Software. SRD Splashtop Streamer Software. SRDC Splashtop Remote Client Software. 
Checksum MD5: 918194d3e6741f8ba76f7451a9f6f28f * Gigabyte Intel 8 series v1.0.iso Year / Date of Release: 2013 Version: 1.0 Developer: Gigabyte Website Developer: Bit depth: 32bit, 64bit Language: Multilingual (Russian present) Medicine: Not required System requirements: Intel Chipset 8 series for the 1150th socket DOWNLOAD LINKS:
  8. In this tutorial I will describe the basic characteristics of the assembly programming language. We will have a simple basic example, namely printing a variable to stdout, the structure of instructions, the definition of the basic sections, memory, and the basic registers found in the 32-bit Intel processor architecture; last but not least, I will convert an example of assembly code written for the 32-bit Intel architecture to 64-bit. I will use the simplest terms to describe the structure of instructions and of a register. So as not to mislead the reader, I will use only the indispensable registers.

     Assembly is a low-level programming language. Unlike other programming languages, assembly requires only a simple translation into machine code, because each word, or rather each instruction, in assembly is turned into one machine code instruction. Machine code instructions are binary instructions that can be interpreted very easily by a computer but with somewhat more difficulty by a person. That is why, for each binary instruction, an assembly instruction was created that can be called human readable, because it is easier for the human brain to memorize an alias than an instruction made of 0s and 1s. Each processor has a set of assembly instructions that differs from one architecture to another. To translate assembly instructions into operation code (machine instruction code), a translator called an assembler is used. This is software that interprets the instructions written in assembly and translates them into machine code. There are several types of assembler and each has its own syntax. Instructions written for one assembler cannot be translated into opcode by another type of assembler, because the instructions are different. The best-known assemblers are the following:

         NASM  Windows, Linux, Mac OS X, DOS, OS/2
         MASM  Windows, DOS, OS/2
         TASM  Windows, DOS
         Yasm  Windows, DOS, Linux, Unix-like
         HLA   Windows, Linux, FreeBSD, Mac OS X
         GAS   Unix-like, Windows, DOS, OS/2

     Of course the list could be much longer, but I will stop here. What is important to understand is that each one has its own syntax for writing instructions and that there are various ways of programming in assembly. For this tutorial and the following examples I will use GAS as the assembler. It is important to know that this assembler allows assembly instructions to be written in 2 ways. By default the AT&T syntax is used, but the Intel syntax can also be used. Both syntaxes can translate instructions into opcode compatible with Intel processors; only the way the instructions are written differs.

         Intel Syntax   instruction dest, source
         AT&T Syntax    instruction source, dest

     In the following examples I will use only AT&T syntax. Assembly is not a cross-platform programming language, so certain instructions can be executed only on certain platforms and not on others. The examples are written for 32-bit Intel Linux systems. At the end I will also translate the tutorial's example for the 64-bit Intel Linux architecture. Programming languages are usually learned in a certain way: you learn the data structures, the instructions, the control structures and the functions, and with a little practice a person can start programming. In assembly it is a bit different, and to obtain a given function several lines of code have to be written. Knowing assembly requires knowledge of the operating system, of the processor's structure and of how memory is allocated in that environment. This tutorial is basic because I wanted to follow the keep-it-simple principle.

     We will start with a description of a computer's architecture. We have a processor, 3 types of memory (cache memory, main memory, secondary memory) and input/output devices (the keyboard, for example). The processor accesses data in memory as follows: it looks directly for the data in cache memory and main memory (RAM), and indirectly for data in secondary memory (hard disk). If the data is not found in cache memory or in main memory, it is loaded from secondary memory into main memory, after which the processor has direct access to it. The concept of assembly programming is as follows: the processor takes data from memory, performs arithmetic operations on the data and stores the result back in memory or prints it to stdout (the user's monitor). In turn, data can be taken from stdin (the keyboard), processed and stored in memory or shown on the user's screen. When data is taken by the CPU from main memory (RAM) to perform operations on it, it is stored in another memory space; this space is called a register. A CPU has several registers for temporarily storing data while operations are performed on it, after which the data is put back where it was taken from. What probably leaves the user puzzled is the fact that the processor can have many registers. You do not need to know every register if you do not use it when programming in assembly. In this article I will not describe all the registers because that would create confusion. What is important to know is that when a value is taken from memory it must be stored in a temporary place in order to perform operations on it, after which the result is stored back in memory and the temporary register takes the next value.

     As in every programming language, in assembly the program is divided into sections. There is a section where certain types of data can be declared. For example, there is a section called .data; here you can declare the data you will work with. This section can be compared to declaring variables in other programming languages.

     Another section is .bss; in this section you can declare other types of data whose value, for example, is not known initially. Another section is .text; here you write the instructions that will process the data declared and processed in the .data and .bss sections. Another important section is .globl; here external functions/libraries that were created previously can be called. We will also have a _start section, from which the instructions begin to be executed. This section can be compared to the main() function in C.

     To write a simple program in assembly, the respective sections are created and filled with data, after which instructions are invoked on the declared data. In the following examples we will see how data can be declared, how instructions are declared, what happens when instructions are translated into opcode, how data is loaded from memory into a register, and how external functions can be called on the data. To perform an operation on a value, that value must be declared; the same goes for any other type of data. First we will build a .data section where we will store a nickname.

     I declare a data section in memory

         .data

     I declare a label for the data I am going to create

         NickName:

     I declare the type of data I want to store in memory

         .ascii "pyth0n3\n"

     So I have created a section, a label and a data type. The label will have an address in RAM; at that address will be the data I declared. The label is assigned a memory address.

     NickName data variable address

         0x8049098

     At address 0x8049098 we will have the stored data, namely pyth0n3\n

     NickName data variable content in escaped hex

         0x70 0x79 0x74 0x68 0x30 0x6e 0x33 0x0a
         p    y    t    h    0    n    3    \n

     Of course, once the .ascii "pyth0n3\n" instruction is translated into opcode by the assembler, we will have the following code

     NickName data variable content in binary giant, 8 bytes

         0000101000110011011011100011000001101000011101000111100101110000

     What matters is to understand that this code sits at a certain address, namely 0x8049098; I translated the address into hex, but for the processor it is still a value made of 0s and 1s. After declaring the data, it remains to decide what we want to do with it. We will print to the screen what we stored at address 0x8049098. There are of course several alternatives for doing this. On Linux we can use syscalls. We need to identify the functions we need to print the data, plus the function to close the program. Each syscall has a numeric id. On every Linux system the list can be found in /usr/include/asm. The file unistd_32.h contains the functions for 32-bit processors and unistd_64.h those for 64-bit processors. We will use 2 different syscalls: 1 to print the declared data, 2 to exit the program.

     To print the data we will use #define __NR_write, which has id number 4. To exit the program we will use #define __NR_exit, which has id number 1. The data being processed must be loaded into registers, so we will use 4 of the processor's registers to temporarily store data that will be executed. We will therefore use EAX, EBX, ECX, EDX, which can be compared to 4 temporary variables where we store data that must be executed. As long as we have not specified any instruction, the registers have no value for now

         eax 0x0 0
         ecx 0x0 0
         edx 0x0 0
         ebx 0x0 0

     You are probably wondering in which order data can be placed in the registers; for example, which is the first register? The order is the following: EAX EBX ECX EDX. We will move the value of the write function into the first register. To write the instructions a .text section must be created; since we will also call external syscall functions, a section for external routines must also be specified, namely .globl _start, after which we create the _start section where we begin executing the instructions we write. So we start with the first instruction

         .text
         .globl _start
         _start:
         movl $4, %eax

     After this instruction is executed, the EAX register will hold the value 4

         eax 0x4 4
         ecx 0x0 0
         edx 0x0 0
         ebx 0x0 0

     The write function needs a few arguments to print the data; the first argument we must specify to the function, after it has been loaded into the EAX register, is where we want to print the data. On Linux there are 3 types of files called file descriptors:

     Standard input, identified by the value 0; this file takes input from the keyboard, for example.
     Standard output, identified by the value 1; this file is used to print information.
     Standard error, identified by the value 2; this file is used to print error messages.

     To print the data we will use standard output, so the first argument is specified in the second register, namely EBX; standard output has the value 1, so the next instruction we write is

         movl $1, %ebx

     Now the registers have the following values

         eax 0x4 4
         ecx 0x0 0
         edx 0x0 0
         ebx 0x1 1

     The second parameter of the function that must be specified is the memory address of the data we want to print. In the next register we load the address of the label with the following instruction

         leal NickName, %ecx

     So the registers will have the following values

         eax 0x4 4
         ecx 0x8049098 134516888
         edx 0x0 0
         ebx 0x1 1

     As you can see, the instruction leal NickName, %ecx loaded into ECX the address where the data is, namely 0x8049098, which is equivalent to 134516888 in decimal. The third argument of the function, which must be loaded into the next register, namely EDX, is the length we want to print from the data we declared (the length of the nickname pyth0n3 is 7 + 1 newline).

         movl $8, %edx

     At this point the registers hold the following data

         eax 0x4 4
         ecx 0x8049098 134516888
         edx 0x8 8
         ebx 0x1 1

     So up to here we have told the processor to do the following: go to address 0x8049098 and print the next 8 characters to the screen. If we had specified more characters, it would have printed what lies after the 8 characters we declared in memory (try it, it will print garbage). Once the instructions have been declared, all that remains is to call the processor to execute what we have done so far. The next instruction does this; it is an interrupt (the kernel will send a signal to the processor to execute what has now been loaded into the registers).

         int $0x80

     Once this instruction is executed, 8 characters of the declared data are printed to the screen (the last character is just a newline). After the data is printed the registers will have the following values

         eax 0x8 8
         ecx 0x8049098 134516888
         edx 0x8 8
         ebx 0x1 1

     As you can see, the value from register EBX is now in EAX. After the code is executed, a return is made into EAX. Now all that remains is to declare the instructions needed to exit the program, so we will use the exit syscall, which has the value 1. As I specified, the order for loading instructions into the registers is the following: the first value in EAX, and the following parameters in EBX, ECX, EDX. Note that this is valid only for 32-bit Intel processors. So we load the value 1 into the EAX register.

         movl $1, %eax

     So we will have the following values

         eax 0x1 1
         ecx 0x8049098 134516888
         edx 0x8 8
         ebx 0x1 1

     As you can see, the registers were not modified and some values we loaded earlier remained in the registers. When you write slightly more complicated assembly code you will have to bring the register back to its initial state or sometimes perform a decrement; otherwise the register will keep the value that was loaded initially. The next parameter for the exit function is a return code. Here we can specify how we want to exit the program. A return code of 0 exits cleanly; a return code of 1 can be specified when we want to exit with an error. In our case there is no error, so we will exit with 0. The first and only parameter of the exit function will be 0.

         movl $0, %ebx

     As you can see, the instructions we declared have been executed and the values have been loaded into the registers: EAX will have the value 1, EBX will have the value 0, and the remaining registers will keep their previous values

         eax 0x1 1
         ecx 0x8049098 134516888
         edx 0x8 8
         ebx 0x0 0

     To execute what is now in EAX we must call an interrupt; this signal tells the processor to execute what it now finds in EAX. The data in registers ECX and EDX will not be executed, because the value we put in the EAX register, which is equivalent to the exit function, takes only a single parameter, namely 0, which we put in the EBX register. So the data in EAX and EBX will be executed

         int $0x80

     In this case we have exited the program; nothing more is printed to the screen, but we can still see which exit status we exited with. On Linux this can be done with the following command immediately after running a program.

         echo $?

     In this tutorial we built a simple example in assembly and observed what happens when each instruction is executed. This can be done with a debugger, so do not forget to assemble the code with debugging extensions if you want to see what it does. To assemble the code, as is used.

         as -ggstabs nickname.s -o nickname.o

     Note: I specified the ggstabs option only for debugging, so you can load it in your preferred debugger to observe how data is allocated. At this point we have an object code file nickname.o, which must be passed through the linker. We will use ld for linking, thus creating an executable.

         ld nickname.o -o nickname

     Of course, when you run it in a debugger you will see more registers. I limited myself so as not to mislead. Each register has its role and each register is necessary. A simple example that you will observe when, and only if, you do debugging is the following. Suppose we set a breakpoint before the first instruction is executed and want to observe the values currently stored in the registers. Note that not every register must necessarily contain values; some will hold a flag or no value.

         eax    0x0        0
         ecx    0x0        0
         edx    0x0        0
         ebx    0x0        0
         esp    0xbffff840 0xbffff840
         ebp    0x0        0x0
         esi    0x0        0
         edi    0x0        0
         eip    0x8048074  0x8048074 <_start>
         eflags 0x200212   [ AF IF ID ]
         cs     0x73       115
         ss     0x7b       123
         ds     0x7b       123
         es     0x7b       123
         fs     0x0        0
         gs     0x0        0

     As you can see, some registers have certain values, such as the ESP register, which will always hold a memory address, namely an address in a particular memory segment called the stack (probably interesting when writing an exploit, a stack overflow for example, or a buffer overflow). EIP will always hold the address of the top of the memory segment called the stack. Another important register is EIP, which is an instruction pointer; this register will always hold the address of the next instruction to be executed. Let us not forget that the instructions we use must also be stored somewhere in memory. For this tutorial I will stop here, because so far I have not used other registers through which to explain what I am doing. I leave you the code examples from this tutorial and, last but not least, for those who are curious, I will translate the 32-bit assembly code to 64-bit just so you can see the differences.
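
         # nickname.s 32 bit intel gas AT&T syntax assembly
         .data
         NickName:
             .ascii "pyth0n3\n"
         .text
         .globl _start
         _start:
             movl $4, %eax          # __NR_write
             movl $1, %ebx          # fd 1 = standard output
             leal NickName, %ecx    # address of the data
             movl $8, %edx          # length: 7 characters + newline
             int $0x80
             movl $1, %eax          # __NR_exit
             movl $0, %ebx          # return code 0
             int $0x80

         # nickname.s 64 bit intel gas AT&T syntax assembly
         .data
         NickName:
             .ascii "pyth0n3\n"
         .text
         .globl _start
         _start:
             movq $1, %rax          # write is syscall 1 on x86-64
             movq $1, %rdi          # fd 1 = standard output
             movq $NickName, %rsi   # address of the data
             movq $8, %rdx          # length
             syscall
             movq $60, %rax         # exit is syscall 60 on x86-64
             movq $0, %rdi          # return code 0
             syscall

     As I said, there are several ways to write this code. Example: we will print "OK" to the screen in a different way, syntax for 32 bit

         .text
         .globl _start
         _start:
             pushl $0x0a6b6f        # bytes 6f 6b 0a 00 pushed onto the stack
             mov %esp, %ecx         # buffer = top of the stack
             mov $0x4, %edx         # length 4
             mov $0x1, %ebx         # fd 1 = standard output
             mov $0x4, %eax         # __NR_write
             int $0x80
             movl $1, %eax          # __NR_exit
             movl $0, %ebx          # return code 0
             int $0x80

     There are probably mistakes in wording; do not hesitate to write, and I will correct them. ###END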
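
The 32-bit write/exit sequence from the tutorial above, as an added example that is not part of the original post: the length is computed by the assembler instead of being hard-coded, so the count passed in EDX cannot run past the declared data, and the value returned in EAX is checked after each interrupt. The file name safe_write.s and the labels NickLen, write_loop, fail and do_exit are assumptions of this example.

```asm
# safe_write.s (hypothetical file name), 32-bit Linux, GAS AT&T syntax.
# Added example, not code from the original post.
# Build: as --32 safe_write.s -o safe_write.o
#        ld -m elf_i386 safe_write.o -o safe_write

        .data
NickName:
        .ascii "pyth0n3\n"
        # "." is the current address, so NickLen is always the exact size
        # of the data above, even if the string is edited later.
        .set NickLen, . - NickName

        .text
        .globl _start
_start:
        movl $NickName, %esi        # cursor: next byte to write
        movl $NickLen, %edi         # bytes still to write

write_loop:
        movl $4, %eax               # __NR_write (32-bit)
        movl $1, %ebx               # fd 1 = standard output
        movl %esi, %ecx             # buffer address
        movl %edi, %edx             # count: never more than what remains
        int  $0x80                  # int 0x80 preserves ESI and EDI

        # EAX now holds the number of bytes written, or a negative errno.
        testl %eax, %eax
        jle  fail                   # 0 or negative: stop and report failure

        addl %eax, %esi             # advance past the bytes already written
        subl %eax, %edi             # fewer bytes remain
        jnz  write_loop             # short write: send the rest

        xorl %ebx, %ebx             # everything written: exit status 0
        jmp  do_exit

fail:
        movl $1, %ebx               # exit status 1, visible with: echo $?

do_exit:
        movl $1, %eax               # __NR_exit (32-bit)
        int  $0x80
```

Running `./safe_write >&-` (standard output closed) makes write fail, and `echo $?` then shows 1 instead of 0.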