monstr

x86 Assembly Language, Part 1

As usual, last Friday night I was hanging out with friends, picking up girls in the street and chasing after them. One night, I had a strange feeling just like something was gonna happen. But I was not sure if it’s gonna be good or bad. My closest friend, Esp!oNLerAvaGe!, came out with me. I dressed up and we were ready. We took a taxi to Aîn Diab, a very active place in Casablanca, Morocco. While walking, I saw a very gorgeous girl, everybody was looking at her, and I decided to give myself a chance and have a talk with her. On my way to her, I heard someone who said loudly: “JAVA IS AWESOME”.

When I heard that, I lost my attention span, and I kept my thoughts fixed on “JAVA” & “AWESOME”. Not because I have something with Java, but because at that moment, I really wasn’t expecting someone to say such a thing. I kept walking towards the girl and she was gazing at me. I said:

Me: Hi, could I have a word with you?

Her: Hi! .. ohhh yeah !

Me: I’ve seen you leaving the cafe, you look so adorable and I want to ask you something…

Her: Ooh .. Wh..a…t kind of question is th.a…t ?

In the meantime, there was a bunch of guys trying to figure out something. I was kinda out of it, looking at the girl but listening to the guys. Then, I heard :

“YOU WRITE ONCE AND RUN EVERYWHERE.”

I said to myself, shouldn’t it be “write once, debug everywhere“? Afterward, he said: “JAVA IS THE FUTURE,” AND HE ASKS HIS FRIENDS TO FORGET ABOUT ASSEMBLY. I decided to intervene. I said:

Sorry, do you know what is Assembly?

The guy replied: mm… not much actually, do you?

I said oh yes.

Him: can I ask you some questions then?

Then I smiled, asked the girl to join us, and the conversation started.

What is Assembly Language ?

Assembly language programming is referred to as low-level programming because each assembly language instruction performs a much lower-level task compared to an instruction in a high-level language. As a consequence, to perform the same task, assembly language code tends to be much larger than the equivalent high-level language code.

So Assembly Language is Machine Language ?

Somehow. Machine language is a close relative of the assembly language. Typically, there is a one-to-one correspondence between the assembly language and machine language instructions. In fact, they differ only in appearance.

The processor understands only the machine language, whose instructions consist of bits of 1’s and 0’s. So, you need a program that can do this magic for you! This program is called: the Assembler.

“Writing code only with 1 & 0 is cumbersome, that’s why we don’t write anymore with machine code,” he murmured…

What is an Assembler ?

An assembler is a utility program that converts source code programs from assembly language into machine language, so the CPU can understand it. A picture is worth a thousand words:

100112_1550_x86Assembly1.png

Is Assembly Language Portable?

Absolutely Not! Assembly language is directly influenced by the instruction set and architecture of the processor. The instructions are native to the processor used in the system. In other words, porting an assembly language program from one computer to another with a different processor usually means starting over from scratch. For example, a program written in the Intel assembly language cannot be executed on the Motorola or an ARM processor.

Which Assembler is the Best ?

There are well over a dozen different assemblers available for the x86 processor running on PCs. They have widely varying feature sets and syntax. Some are suitable for beginners, some are suitable only for advanced programmers. Some are very well documented, others have little or no documentation. Some are supported by lots of programming examples, some have very little in the way of example code. Certain assemblers have tutorials and books available that use their particular syntax, others have nothing. Some are very basic, others are very complex. Which assembler is best, then?

Like many of life’s questions, there is no simple answer to the question “which assembler is best?” This is because different people have different criteria for judging what is “best”. Without a universal metric for judging between various assemblers, there is no way to pick a single assembler and call it the best. In this saga, we will use an assembler called JWasm. In the next chapter, I’ll tell you why we choose this assembler. Here is a small map I’ve designed to give you a global image of different assemblers.

100112_1550_x86Assembly2.png

How Does Java Relate to Assembly Language?

High-level languages such as C++ and Java have a one-to-many relationship with assembly language. A single statement in C++ expands into multiple assembly language or machine instructions. We can show how C/C++ statements expand into machine code. Most people cannot read raw machine code, so we will use its closest relative, assembly language. The following C++ code carries out two arithmetic operations and assigns the result to a variable. Assume myVariableA and myVariableB are integers:

int myVariableA;
int myVariableB = (myVariableA + 4) * 3;

Following is the equivalent translation to assembly language. The translation requires multiple statements because assembly language works at a detailed level:

mov eax,myVariableA ; load myVariableA into the eax register
add eax,4 ; add 4 to the eax register
mov ebx,3 ; move 3 to the ebx register
imul ebx ; multiply eax by ebx (the product lands in edx:eax)
mov myVariableB,eax ; store eax into myVariableB

100112_1550_x86Assembly3.png

A statement in high-level language is translated typically into several assembly language instructions, and a lot of 1 and 0 bits in binary form. Well, ultimately there has to be something to execute the machine language instructions. This is the system hardware, which consists of digital logic circuits and the associated support.

100112_1550_x86Assembly4.png

Pff !! .., This is all crap! I don’t get anything in this code and I am still not convinced … In JAVA, there is a reduced risk of bugs, no absence of library routines, programs are easier to maintain. And you don’t get BORED writing long routines.

Why Should I Care?

It’s fast – Assembly programs are generally faster than programs created in higher level languages. Often, programmers write speed-essential functions in Assembly.

It’s powerful – You are given unlimited power over your assembly programs. Sometimes, higher level languages have restrictions that make implementing certain things difficult.

It’s small – Assembly programs are often much smaller than programs written in other languages. This can be very useful if space is an issue.

It’s magic - To investigate an application whose source code is not available (and most frequently, this is the case), it is necessary to discover and analyze its algorithm, which is spread over the jungle of assembly code. Or, to understand how a client/server application communicates, it is necessary to analyze packets and reverse engineer the undocumented protocol. Sometimes, when a specific vulnerability is exposed, a company may discover more related bugs, so they fix them silently with no public announcements, and a person may reverse engineer the patches or fixes and detect what changes have been made to a particular file and possibly create exploit code to exploit it. Also, investigation of undocumented features of the operating system or a file format is also carried out using Assembly.

Other tasks that can be done using this language include searching for backdoors, neutralizing viruses, customizing applications for the hacker’s own goals, cracking secret algorithms — the list is endless. The area of application of Assembly language is so wide that it is much easier to list the areas to which it has no relation.

Assembly language is the only computer language that lets you talk to a computer in its native tongue, commanding the hardware to perform exactly as you say. If you like to be in charge, if you like to control things, if you’re interested in details, you’ll be right at home with assembly language. Believe me, Assembly is the true language for programmers ! A hacker that hasn’t mastered Assembly language is not a hacker because nothing really moves without it.

Who Needs to Learn It?

Software Vulnerability Analysts, Bug Hunters, Shell-coders, Exploit Writers, Reverse Code Engineers, Virus Authors, Malware Analysts .. And many more! Sometimes, some math applications or 3D games need optimization, so they call Assembly.

For instance, consider the situation, in which an infamous General Protection Fault window pops up, containing an error message informing the user about a critical error. Application Programmers or Software Engineers, cursing and swearing, obediently close the application and are at a loss (they only guess that this is the program’s karma). All of these messages and dumps are unintelligible to them. The situation is different for the ones that have mastered Assembly. These guys go by the specified address, correct the bug, and often recover unsaved data.

What Types of Programs Will I Create?

I’d also like to mention that all examples included in this saga were tested under operating systems of the Windows NT family from Windows 2000 upwards. Therefore, although I did my best, I cannot guarantee that all examples will work under Windows 9x systems or Windows ME.

You can write desktop, networking, or database management apps;

You can write gaming and DirectX apps;

You can write crackmes, trainers, or security tools..

… In Assembly, you are limited only by your imagination.

Tiny Web Browser from the WinAsm Forum.

100112_1550_x86Assembly5.png

EzProcess : Process/Thread Manager Program from the WinAsm Forum.

100112_1550_x86Assembly6.png

Oldies but Goodies, PacMan in pure ASM :

100112_1550_x86Assembly7.jpg

For our beloved crackers, a key generator from FOFF Team :

100112_1550_x86Assembly8.png

Why x86 Family Processors? Why Windows?

Assembly language programs can be written for any operating system and CPU model. Most people at this point are using Windows on x86 CPUs, so we will start off with programs that run in this environment. Once a basic grasp of the assembly language is obtained, it should be easy to write programs for different environments.

What Background Should I Have?

You should have programmed in at least one structured high-level language, such as Java, C, C++, Pascal, Python, or Visual Basic. Generally speaking, you should know what is a variable, an array, a string, what are functions & how to use an IF/WHILE statement to solve programming problems. It’s not a must, but it is advisable.

Listen gentleman:

Now you know that any programming task that can be done in a high level language can also be done in Assembly language since all high level languages have to compile source code down to Assembly language code level for CPU execution. I hope that you also understand that Assembly is more needed when size or speed matters. Finally, I’m sure that you get the idea that Assembly is CPU-dependent; we are focusing on the 32-bit x86 family here, under the Windows platform.

With that piece of information in hand, we shall go off to the next chapter: setting up a development environment with the right tools. What about meeting tomorrow, folks? Same time, same place. Bring your laptops.

The girl: Humm!! Impressive. Tell me, what is that question you wanted to ask me?

Me: Aha!! Let me ask you first what is your name?

Her: They call me Megabyte. You?

Me: They call me Noteworthy. Were you interested in the conversation?

Her : Oh yes : )

Me: So what about joining us tomorrow?

Her: That would be my pleasure. See you tomorrow.

source: x86 Assembly Language, Part 1 - InfoSec Institute
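
An added example (not part of the original article and not JWasm's code): a minimal Python encoder that turns the five-instruction listing from the article into IA-32 machine-code bytes, showing the one-to-one correspondence between an assembly statement and its encoding. The variable addresses and the function names are assumptions made for the illustration.

```python
import struct

REG = {"eax": 0, "ecx": 1, "edx": 2, "ebx": 3}  # x86 register numbers (subset)
# Constructed addresses; a real assembler and linker choose these.
SYMBOLS = {"myVariableA": 0x00403000, "myVariableB": 0x00403004}

LISTING = """\
mov eax,myVariableA ; load myVariableA
add eax,4
mov ebx,3
imul ebx
mov myVariableB,eax ; store the result
"""

def imm32(value):
    """Pack a 32-bit little-endian immediate or address."""
    return struct.pack("<I", value & 0xFFFFFFFF)

def encode(line):
    """Translate one instruction of the listing into its machine-code bytes."""
    parts = line.split(";")[0].split(None, 1)   # drop comment, split off mnemonic
    mnemonic = parts[0].lower()
    ops = [o.strip() for o in parts[1].split(",")] if len(parts) > 1 else []
    if mnemonic == "mov" and len(ops) == 2:
        dst, src = ops
        if dst == "eax" and src in SYMBOLS:          # A1 moffs32: load EAX
            return b"\xA1" + imm32(SYMBOLS[src])
        if dst in SYMBOLS and src == "eax":          # A3 moffs32: store EAX
            return b"\xA3" + imm32(SYMBOLS[dst])
        if dst in REG and src.isdigit():             # B8+r imm32
            return bytes([0xB8 + REG[dst]]) + imm32(int(src))
    if mnemonic == "add" and len(ops) == 2 and ops[0] in REG and ops[1].isdigit():
        if int(ops[1]) <= 127:                       # 83 /0 ib (sign-extended imm8)
            return bytes([0x83, 0xC0 | REG[ops[0]], int(ops[1])])
    if mnemonic == "imul" and len(ops) == 1 and ops[0] in REG:
        return bytes([0xF7, 0xC0 | (5 << 3) | REG[ops[0]]])  # F7 /5: EDX:EAX = EAX*r32
    raise ValueError(f"unsupported instruction: {line!r}")

def assemble(source):
    """Return (instruction text, encoded bytes) for every non-empty line."""
    lines = [l for l in source.splitlines() if l.split(";")[0].strip()]
    return [(l.split(";")[0].strip(), encode(l)) for l in lines]

if __name__ == "__main__":
    for text, code in assemble(LISTING):
        print(f"{code.hex(' '):<16} {text}")
```

The one C++ statement becomes five instructions and twenty bytes; a disassembler walks the same opcode mapping in the other direction.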

Now you know that any programming task that can be done in a high level language can also be done in Assembly language since all high level languages have to compile source code down to Assembly language code level for CPU execution.

I ran out of breath from how long that sentence was :D

We're waiting for part 2.
