The document discusses various methods of writing and assembling a simple "Hello World" program in x86 Assembly using NASM, including:
1) Using Linux system calls to write to stdout and exit
2) Using Win32 system calls and avoiding interrupts
3) Using C library functions like printf and linking with gcc for cross-platform compatibility
The document discusses the ELF file format and dynamic linking process. It describes the ELF header, program header table, and segments that make up an ELF file. The dynamic linker loads segments into memory, resolves symbols using hash tables, and initializes shared libraries and the main executable in the correct order. Symbol resolution involves determining the symbol hash, searching hash buckets in each library, and comparing names.
Chapter 3 INSTRUCTION SET AND ASSEMBLY LANGUAGE PROGRAMMINGFrankie Jones
3.1 UNDERSTANDING INSTRUCTION SET AND ASSEMBLY LANGUAGE
3.1.1 Define instruction set,machine and assembly language
3.1.2 Describe features and architectures of various type of microprocessor
3.1.3 Describe the Addressing Modes
3.2 APPLY ASSEMBLY LANGUAGE
3.2.1 Write simple program in assembly language
3.2.2 Tool in analyzing and debugging assembly language program
The document discusses ANSI C macros and the C preprocessor. It explains that the preprocessor allows constants and macros to be defined which makes writing C programs easier. Key points covered include:
1. How the preprocessor works by modifying the source code before compiling based on directives.
2. Common directives like #define, #include, #ifdef and macros with and without arguments.
3. How macros replace symbols and can be defined in terms of other macros.
4. The use of header files and standard library header files.
5. Other directives like #undef, #if and predefined macros like __DATE__ and __FILE__.
The document provides information about assembly language, including definitions, instruction formats, and the process of assembling, linking and executing an assembly language program. It defines assembly language as a language that uses symbols and letters instead of binary to represent instructions and storage locations. It also describes common instruction types like data transfer, arithmetic, logic and shift instructions. Finally, it outlines the steps to create an assembly program, which includes writing source code, assembling it, linking the object files, and executing the final executable.
Performance Characterization of the Pentium Pro ProcessorDileep Bhandarkar
HPCA 3 Paper
In this paper, we characterize the performance of several business and technical benchmarks on a Pentium Pro processor based system. Various architectural data are collected using a performance monitoring counter tool. Results show that the Pentium Pro processor achieves significantly lower cycles per instruction than the Pentium processor due to its out of order and speculative execution, and non-blocking cache and memory system. Its higher clock frequency also contributes to even higher performance.
This document discusses C++ streams and stream classes. It explains that streams represent the flow of data in C++ programs and are controlled using classes. The key classes are istream for input, ostream for output, and fstream for file input/output. It provides examples of reading from and writing to files using fstream, and describes various stream manipulators like endl. The document also discusses the filebuf and streambuf base classes that perform low-level input/output operations.
The document discusses pointers and user spaces in RPG IV. It explains that pointers contain memory addresses and allow fields to be based on and dynamically allocated based on the pointer value. Pointers are used with parameter passing, multiple occurrence data structures, C functions, dynamic memory allocation, and user spaces. The document provides examples of using pointers with parameter lists, accessing trigger buffers, and dynamic memory allocation.
This document discusses C input/output (I/O) and file handling. It covers key concepts like file access control blocks, opening and closing files with fopen() and fclose(), reading and writing characters and lines with functions like getc(), putc(), fgets(), and fputs(), formatted I/O with printf() and scanf(), binary I/O with fread() and fwrite(), and other file operations like repositioning and deleting with fseek(), rewind(), and unlink(). The standard I/O library stdio.h contains definitions and functions for file I/O in C.
The document discusses different addressing modes in assembly language including register, immediate, direct memory, indirect, and direct-offset addressing. It also describes the MOV instruction which is used to move data between registers and memory locations. The MOV instruction supports five forms depending on whether the source and destination operands are registers or memory locations.
The document provides an overview of the vi text editor, describing how to navigate and edit files, add and delete text, search for text, and save files. Vi has two modes - command mode for navigation and append/insert mode for adding text. It allows moving cursor, searching, deleting lines/characters, undoing changes, and quitting to save files. Advanced features include substituting text globally and marking blocks to move or copy.
This document discusses various ways to handle command line parameters, create delays, and generate random numbers in C programs. It explains that command line parameters are stored in the Program Segment Prefix and copied into argv by startup code. It provides an example to retrieve parameters directly from the PSP. It also discusses using DOS interrupt 0x15 to create delays measured in microseconds, and using the rand() and srand() functions to generate pseudorandom numbers based on a seed value.
The document provides an overview of shells and their functions. It discusses how shells interpret commands, execute utilities by launching child processes, and customize functionality through variables and startup files. Key points include shells acting as an interface between the user and kernel by translating commands, child processes inheriting environments, and customizations like aliases, prompts, and startup files tailoring each shell.
This document provides an overview of various Linux utilities for examining files, manipulating text, performing calculations, sorting data, and more. It summarizes the purpose and basic usage of utilities like wc, cat, more, grep, sort, uniq, cut, paste and others. Key functions covered include viewing file contents, searching/filtering text, mathematical operations, ordering lines, and identifying duplicate lines.
Macros allow programmers to define abbreviations for sequences of instructions. A macro definition specifies the macro name and the sequence of instructions to be abbreviated. When a macro is called, it is expanded by replacing the macro name with the defined sequence of instructions. Macros can call other macros, requiring macro processors to handle nested macro expansion. Macro processors implement macros using a single or double pass approach to first save macro definitions and then expand macro calls by substituting argument values.
The document summarizes various UNIX file APIs for opening, reading, writing, closing, and querying files. It describes functions like open(), read(), write(), close(), stat(), fstat(), lseek(), link(), unlink(), chmod(), and utime(). For each function, it provides the header files, function prototype, parameters, and purpose in 1-3 sentences.
The document discusses different addressing modes used by processors to obtain instruction operands. It provides examples of 5 addressing modes - immediate, direct, register indirect, base (indexed), and PC relative. For each mode, it shows a pseudo assembly language usage and how the instruction would be compiled into memory locations. The modes allow operands to be specified directly in the instruction, via a register containing the address, or using an offset from the program counter or a base register.
This document discusses linker scripts and their purpose. It explains that linker scripts control how sections from input files are mapped into the output file and define the memory layout. It describes several keywords used in linker scripts like ENTRY, OUTPUT_FORMAT, MEMORY, and SECTIONS. The SECTIONS keyword is used to describe the memory layout by assigning sections like .text, .data, and .bss to addresses.
This is an intermediate conversion course for C++, suitable for second year computing students who may have learned Java or another language in first year.
The document provides an overview of PL/SQL including that it was developed by Oracle as a procedural language extension for SQL, its syntax is based on Ada and Pascal, and it requires Oracle Database to be installed. It also summarizes PL/SQL's basic structure using blocks with declaration, execution, and exception sections. Data types in PL/SQL including scalar, LOB, composite, and reference types are outlined.
The document discusses C programming on Raspberry Pi and ARM assembly language. It begins with an overview of C and how a C program is compiled into executable code. It then covers ARM assembly language basics like instructions, registers, and calling conventions. Examples are provided to demonstrate how to write ARM assembly code, compile it into an object file, and link it to produce an executable that performs a "hello world" system call. The document aims to help understand the process of compiling C to machine code and writing ARM assembly programs for Raspberry Pi.
The program displays the string "Enter a string" on the monitor using the write system call. It defines the string in the .data section and its length. In the .text section, it loads the necessary registers and makes the write system call before exiting with no error.
The document provides an overview of the initialization phase of the Linux kernel. It discusses how the kernel enables paging to transition from physical to virtual memory addresses. It then describes the various initialization functions that are called by start_kernel to initialize kernel features and architecture-specific code. Some key initialization tasks discussed include creating an identity page table, clearing BSS, and reserving BIOS memory.
The document discusses various arithmetic instructions in assembly language including INC, DEC, ADD, SUB, MUL, DIV.
It explains the syntax and usage of each instruction, showing how they can increment, decrement, add, subtract, multiply or divide operands in registers or memory. Examples are given to illustrate how to perform basic arithmetic operations like addition and multiplication of numbers entered by the user.
Shellcode is machine code that executes a shell when run. This document discusses shellcode, including:
- Shellcode injects machine code into a vulnerable application to spawn a shell.
- Three examples of shellcode are provided: an exit system call, displaying a message, and spawning a shell.
- Registers, assembly instructions, and system calls used in Linux are explained for creating shellcode.
Shellcode Disassembling - Reverse EngineeringSumutiu Marius
This document provides a basic guide to reverse engineering Linux x86 shellcode. It summarizes reversing two sample shellcodes: 1) A simple shellcode that reads the /etc/passwd file, and 2) An XOR encrypted shellcode that launches a new ksh shell with root privileges. It explains breaking down the shellcode using a debugger to understand what it is doing by examining registers, system calls and related functions. The goal is to understand how the shellcode works rather than just trusting its described purpose.
This document provides an overview of x86 assembly language and the GNU Debugger (GDB). It describes the process of creating an executable file from source code using preprocessing, compilation, assembly and linking. It also covers x86 registers, common instructions like MOV, PUSH, CALL and RET. The document introduces Intel and AT&T syntax and system calls. Finally, it outlines basic operations and commands in GDB like breaking, running, examining memory and registers.
The document provides a basic guide to reverse engineering Linux x86 shellcode. It summarizes reversing two sample shellcodes: 1) A simple program that reads the /etc/passwd file by executing the cat command. By examining registers, it is determined the shellcode executes execve to read the file. 2) An XOR encrypted shellcode that decrypts itself before launching a ksh shell with root privileges using the setreuid system call. Breakpoints are used to stop and disassemble the shellcode at key points to understand its functionality.
This document discusses procedures in assembly language. It covers defining procedures, documenting procedures, using the CALL and RET instructions to call and return from procedures, and examples of procedures including a SumOf procedure and nested procedure calls. Local variables within procedures are also mentioned.
ironSource's security application expert, Tomer Zait, shares his insights on engineering in the stack. Tomer, an Ort Singalovsky alumnus himself, gave this presentation to the Ort Singalovsky students on their tour of ironSource's headquarters in Tel Aviv.
Want to learn more about ironSource? Visit our website: www.ironsrc.com
Follow us on Twitter @ironSource
ironSource is looking for new talent! Check out our openings: http://bit.ly/Work-at-ironSource
The document discusses different ways of representing numerical data in assembly language programming. It explains that numbers are generally represented in binary format for arithmetic operations but displayed in ASCII format for human readability. It then describes four methods for processing numerical data: ASCII representation which stores numbers as ASCII characters; unpacked BCD representation which stores each decimal digit in a byte; packed BCD representation which stores two digits in a byte; and binary representation for direct arithmetic operations. It provides examples of how to convert between these representations and use specific instructions to perform addition and subtraction on ASCII and BCD formatted numbers.
System calls allow programs to interface with the kernel and perform tasks like input/output. In assembly, system calls are made by putting the system call number in the EAX register, arguments in registers like EBX and ECX, and calling the interrupt 80h. Common system calls include sys_write to output to the screen and sys_exit to terminate a program. The example code demonstrates using sys_write to prompt for user input, sys_read to get input, and sys_write again to display it before exiting with sys_exit.
Disk and terminal drivers allow processes to communicate with peripheral devices like disks, terminals, printers and networks. A disk driver translates file system addresses to specific disk sectors. A terminal driver controls data transmission to and from terminals and processes special characters through line disciplines. Device drivers are essential for all input/output in the UNIX operating system.
Here are the key differences between CALL and INVOKE in x86 assembly:
- CALL is used to call a procedure without passing any parameters, while INVOKE allows passing parameters to procedures.
- When using CALL, any parameters need to be passed via registers or stack before the CALL. INVOKE handles pushing parameters onto the stack.
- A procedure called with CALL must pop its own parameters from the stack after the call, while a procedure called with INVOKE has the parameters automatically popped from the stack.
- INVOKE provides a simpler, higher-level way of calling procedures that mimics function calls in high-level languages by automatically handling parameter passing via the stack. CALL requires manually handling the
This document provides an introduction to shellcoding, which involves exploiting software vulnerabilities to insert and execute a custom payload. It discusses prerequisites like assembly language and memory structure. Key topics covered include the program stack, calling conventions, system calls, and writing shellcodes to reference data, print to stdout, and execute a program. The document concludes by outlining the steps to create a reverse shell shellcode that connects back to an attacker's server.
The Linux kernel acts as an interface between applications and hardware, managing system resources and providing access through system calls; it uses a monolithic design where all components run in the kernel thread for high performance but can be difficult to maintain, though Linux allows dynamic loading of modules. Device drivers interface hardware like keyboards, hard disks, and network devices with the operating system, and are implemented as loadable kernel modules that are compiled using special makefiles and registered with the kernel through system calls.
This document discusses assembly language directives and mixed-mode programming. It provides examples of assembly directives like .byte, .word, .section that reserve data locations and section code. It also discusses using inline assembly in C/C++ programs and the rules for calling assembly routines from high-level languages.
This document provides an introduction to 8086 assembly language programming. It discusses key concepts like variables, assignment, input/output, control flow, and subprograms. It then describes specific 8086 instructions like MOV for assignment, ADD, INC, DEC, and SUB for arithmetic operations, and INT for input/output. The document gives examples of writing simple programs that display or read characters using these instructions.
Tale of a Scholar and a Boatman ~ A Story with Life Lessons (Eng. & Chi.).pptxOH TEIK BIN
A PowerPoint Presentation of a meaningful story that teaches important Life Lessons /Virtues /Moral values.
The texts are in English and Chinese.
For the Video with audio narration and explanation in English, please check out the Link:
https://www.youtube.com/watch?v=GH71Ds2WzU8
Plato and Aristotle's Views on Poetry by V.Jesinthal Maryjessintv
PPT on Plato and Aristotle's Views on Poetry prepared by Mrs.V.Jesinthal Mary, Dept of English and Foreign Languages(EFL),SRMIST Science and Humanities ,Ramapuram,Chennai-600089
What is the Difference Between Lot & Serial Number in Odoo 17Celine George
In Odoo, both lots and serial numbers are used for tracking inventory, Now we can take look into about the difference between the lot number and serial number through this slide.
Vortrag auf der Sub-Konferenz "Planning, democracy and postcapitalism" als Teil der Jahrestagung der französischen Assoziation für politische Ökonomie (Association française d’économie politique) 2024 in Montpellier/Frankreich.
Introduction to Literary Criticism 10 (1).pptxjessintv
Introduction to Literary Criticism prepared by Mrs.V.Jesinthal Mary,Asst.Professor,Dept of English and other foreign Languages (EFL), SRMIST Science and Humanities, Ramapuram,
Chennai-600089
Email Marketing in Odoo 17 - Odoo 17 SlidesCeline George
Email marketing is used to send advertisements or commercial messages to specific groups of people by using email. Email Marketing also helps to track the campaign’s overall effectiveness. This slide will show the features of odoo 17 email marketing.
How to install python packages from PycharmCeline George
In this slide, let's discuss how to install Python packages from PyCharm. In case we do any customization in our Odoo environment, sometimes it will be necessary to install some additional Python packages. Let’s check how we can do this from PyCharm.
Odoo 17 Project Module : New Features - Odoo 17 SlidesCeline George
The Project Management module undergoes significant enhancements, aimed at providing users with more robust tools for planning, organizing, and executing projects effectively.
A history of Innisfree in Milanville, PennsylvaniaThomasRue2
A history of Innisfree in Milanville, Damascus Township, Wayne County, Pennsylvania. By TOM RUE, July 23, 2023. Innisfree began as "an experiment in democracy," modeled after A.S. Neill's "Summerhill" school in England, "the first libertarian school".
How to Use Serial Numbers to Track Products in Odoo 17 InventoryCeline George
Mainly lots or serial numbers are used for tracking the products. Lots are actually the codes that applied for collection of products. But serial numbers are distinct numbers allocated for a particular product. Lots and serial numbers in the products will help to manage the inventory, to trace the products that reached their expiry date. This slide will show how to use lots and serial numbers to track products in odoo 17 inventory.
How to Use Serial Numbers to Track Products in Odoo 17 Inventory
X86 assembly nasm syntax
1. X86 Assembly/NASM Syntax 1
X86 Assembly/NASM Syntax
The Netwide Assembler is an x86 and x86-64 assembler that uses syntax similar to Intel. It supports a variety of
object file formats, including:
1.1. ELF32/64
2.2. Linux a.out
3.3. NetBSD/FreeBSD a.out
4.4. MS-DOS 16-bit/32-bit object files
5.5. Win32/64 object files
6.6. COFF
7.7. Mach-O 32/64
8.8. rdf
NASM runs on both Unix and Windows/DOS.
NASM Syntax
The Netwide Assembler (NASM) uses a syntax "designed to be simple and easy to understand, similar to Intel's but
less complex". This means that the operand order is dest then src, as opposed to the AT&T style used by the GNU
Assembler. For example,
mov ax, 9
loads the number 9 into register ax.
For those using gdb with nasm, you can set gdb to use Intel-style disassembly by issuing the command:
set disassembly-flavor intel
Comments
A single semi-colon is used for comments, and functions the same as double slash in C++: the compiler ignores from
the semicolon to the next newline.
Macros
NASM has powerful macro functions, similar to C's preprocessor. For example,
%define newline 0xA
%define func(a, b) ((a) * (b) + 2)
func (1, 22) ; expands to ((1) * (22) + 2)
%defmacro print 1 ; macro with one argument
push dword %1 ; %1 means first argument
call printf
add esp, 4
%endmacro
print mystring ; will call printf
2. X86 Assembly/NASM Syntax 2
Example I/O (Linux and BSD)
To pass the kernel a simple input command on Linux, you would pass values to the following registers and then send
the kernel an interrupt signal. To read in a single character from standard input (such as from a user at their
keyboard), do the following:
; read a byte from stdin
mov eax, 3 ; 3 is recognized by the system as meaning "read"
mov ebx, 0 ; read from standard input
mov ecx, variable ; address to pass to
mov edx, 1 ; input length (one byte)
int 0x80 ; call the kernel
After the int 0x80, eax will contain the number of bytes read. If this number is < 0, there was a read error of
some sort.
Outputting follows a similar convention:
; print a byte to stdout
mov eax, 4 ; the system interprets 4 as "write"
mov ebx, 1 ; standard output (print to terminal)
mov ecx, variable ; pointer to the value being passed
mov edx, 1 ; length of output (in bytes)
int 0x80 ; call the kernel
BSD systems (MacOS X included) use similar system calls, but convention to execute them is different. While on
Linux you pass system call arguments in different registers, on BSD systems they are pushed onto stack (except the
system call number, which is put into eax, the same way as in Linux). BSD version of the code above:
; read a byte from stdin
mov eax, 3 ; sys_read system call
push dword 1 ; input length
push dword variable ; address to pass to
push dword 0 ; read from standard input
push eax
int 0x80 ; call the kernel
add esp, 16 ; move back the stack pointer
; write a byte to stdout
mov eax, 4 ; sys_write system call
push dword 1 ; output length
push dword variable ; memory address
push dword 1 ; write to standard output
push eax
int 0x80 ; call the kernel
add esp, 16 ; move back the stack pointer
; quit the program
mov eax, 1 ; sys_exit system call
push dword 0 ; program return value
push eax
3. X86 Assembly/NASM Syntax 3
int 0x80 ; call the kernel
Hello World (Linux)
Below we have a simple Hello world example, it lays out the basic structure of a nasm program:
global _start
section .data
; Align to the nearest 2 byte boundary, must be a power of two
align 2
; String, which is just a collection of bytes, 0xA is newline
str: db 'Hello, world!',0xA
strLen: equ $-str
section .bss
section .text
_start:
;
; op dst, src
;
;
; Call write(2) syscall:
; ssize_t write(int fd, const void *buf, size_t count)
;
mov edx, strLen ; Arg three: the length of the string
mov ecx, str ; Arg two: the address of the string
mov ebx, 1 ; Arg one: file descriptor, in this case stdout
mov eax, 4 ; Syscall number, in this case the write(2) syscall:
int 0x80 ; Interrupt 0x80
;
; Call exit(3) syscall
; void exit(int status)
;
mov ebx, 0 ; Arg one: the status
mov eax, 1 ; Syscall number:
int 0x80
In order to assemble, link and run the program we need to do the following:
$ nasm -felf32 -g helloWorld.asm
$ ld -g helloWorld.o
$ ./a.out
4. X86 Assembly/NASM Syntax 4
Hello World (Using only Win32 system calls)
In this example we are going to rewrite the hello world example using Win32 system calls. There are several major
differences:
1.1. The intermediate file will be a Microsoft Win32 (i386) object file
2.2. We will avoid using interrupts since they may not be portable and therefore we need to bring in several calls from
kernel32 DLL
global _start
extern _GetStdHandle@4
extern _WriteConsoleA@20
extern _ExitProcess@4
section .data
str: db 'hello, world',0xA
strLen: equ $-str
section .bss
numCharsWritten: resb 1
section .text
_start:
;
; HANDLE WINAPI GetStdHandle( _In_ DWORD nStdHandle ) ;
;
push dword -11 ; Arg1: request handle for standard output
call _GetStdHandle@4 ; Result: in eax
;
; BOOL WINAPI WriteConsole(
; _In_ HANDLE hConsoleOutput,
; _In_ const VOID *lpBuffer,
; _In_ DWORD nNumberOfCharsToWrite,
; _Out_ LPDWORD lpNumberOfCharsWritten,
; _Reserved_ LPVOID lpReserved ) ;
;
push dword 0 ; Arg5: Unused so just use zero
push numCharsWritten ; Arg4: push pointer to numCharsWritten
push dword strLen ; Arg3: push length of output string
push str ; Arg2: push pointer to output string
push eax ; Arg1: push handle returned from _GetStdHandle
call _WriteConsoleA@20
;
; VOID WINAPI ExitProcess( _In_ UINT uExitCode ) ;
5. X86 Assembly/NASM Syntax 5
;
push dword 0 ; Arg1: push exit code
call _ExitProcess@4
In order to assemble, link and run the program we need to do the following. This example was run under cygwin, in
a Windows command prompt the link step would be different. In this example we use the -e command line option
when invoking ld to specify the entry point for program execution. Otherwise we would have to use
_WinMain@16 as the entry point rather than _start. One last note, WriteConsole() does not behave well
within a cygwin console, so in order to see output the final exe should be run within a Windows command prompt:
$ nasm -f win32 -g helloWorldWin32.asm
$ ld -e _start helloWorldwin32.obj -lkernel32 -o helloWorldWin32.exe
Hello World (Using C libraries and Linking with gcc)
In this example we will rewrite Hello World to use printf(3) from the C library and link using gcc. This has
the advantage that going from Linux to Windows requires minimal source code changes and a slightly different
assemble and link steps. In the Windows world this has the additional benefit that the linking step will be the same in
the Windows command prompt and cygwin. There are several major changes:
1. The "hello, world" string now becomes the format string for printf(3) and therefore needs to be null
terminated. This also means we do not need to explicitly specify it's length anymore.
2.2. gcc expects the entry point for execution to be main
3. Microsoft will prefix functions using the cdecl calling convention with a underscore. So main and printf
will become _main and _printf respectively in the Windows development environment.
global main
extern printf
section .data
fmtStr: db 'hello, world',0xA,0
section .text
main:
sub esp, 4 ; Allocate space on the stack for one 4 byte parameter
lea eax, [fmtStr]
mov [esp], eax ; Arg1: pointer to format string
call printf ; Call printf(3):
; int printf(const char *format, ...);
add esp, 4 ; Pop stack once
ret
In order to assemble, link and run the program we need to do the following.
6. X86 Assembly/NASM Syntax 6
$ nasm -felf32 helloWorldgcc.asm
$ gcc helloWorldgcc.o -o helloWorldgcc
The Windows version with prefixed underscores:
global _main
extern _printf ; Uncomment under Windows
section .data
fmtStr: db 'hello, world',0xA,0
section .text
_main:
sub esp, 4 ; Allocate space on the stack for one 4 byte parameter
lea eax, [fmtStr]
mov [esp], eax ; Arg1: pointer to format string
call _printf ; Call printf(3):
; int printf(const char *format, ...);
add esp, 4 ; Pop stack once
ret
In order to assemble, link and run the program we need to do the following.
$ nasm -fwin32 helloWorldgcc.asm
$ gcc helloWorldgcc.o -o helloWorldgcc