As I mentioned in my last post, I was in the middle of completing a series of YouTube videos on Assembly Primer for Hackers. I am proud to say I finally finished the video series, and I would encourage anyone trying to learn Assembly to definitely watch this series. The eleven videos that I went through broke down how Assembly programs work and how information is pushed into registers and different memory locations. The instructor provided us with code to use and was extremely thorough in his explanation of the different concepts. I learned how to move things in and out of registers and how to verify and debug programs using GDB.
The greatest moment occurred near the end of the video series. The last 2 programs, which went over functions and function stacks, gave me issues as the programs that he wrote were for 32-bit architecture and I was running GDB in a 64-bit architecture. I spent a good portion of yesterday on video 10 trying to get certain push and pop functions to work. The program called for a "pushl" and "popl", which are commands used to push and pop in a 32-bit architecture. After banging my head against the wall for a bit and a lot of Googling I still could not get it, but thankfully the first comment told me how to change the push and pop commands as well as the registers; for example, %eax becomes %rax in a 64-bit system, "pushl" becomes "pushq" and "popl" becomes "popq".
The last video, which had to do with function stacks, gave me a little bit more trouble but not as bad as video 10. When I got the program I saw the same push and pop commands I saw in video 10. Since I already knew how to fix those, I did those first. I was able to compile and link, but when I ran it the program threw an error. Eventually, after much back and forth, I rewrote all the commands to represent 64-bit architecture and was able to compile, link and run the program. The only problem is that it was just exiting out and not writing HelloWorld. I tried running it in GDB to see if it would shed any light but I could not figure it out on my own. As I watched the rest of the video I saw my issue as the instructor explained how and where things were being placed in the stack. Since he was basing his program and video off of 32-bit, the memory space was in 4 bytes instead of 8 in the 64-bit architecture. After doing some math and mapping of the address space I was able to successfully edit the program to look at the right memory space to pull the HelloWorld and print it on the screen. After recompiling the program and running it, HelloWorld appeared and it was a joyous moment. I was able to understand what was going on and how to read the stack properly to adjust my program from 32 to 64 bit.
The next series I am going to be watching is on exploit research and given how well the Assembly Primer series went I cannot wait to tackle this one. Until next time.
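The stack-offset change described above, shown as an added example that is not the program from the videos: a constructed 64-bit Linux program (GNU as, AT&T syntax) that passes a string and its length on the stack and reads them back relative to %rbp. The names `print_string`, `HelloWorld` and `HelloLen`, the argument order and the use of the native `syscall` instruction are assumptions made for this illustration.

```asm
# Added example (constructed), not the video's code.
# Build and run: as -o hello.o hello.s && ld -o hello hello.o && ./hello
.section .data
HelloWorld:
    .ascii "HelloWorld\n"
    .set HelloLen, . - HelloWorld   # length in bytes, computed by the assembler

.section .text
.globl _start

# print_string(buf, len): both arguments arrive on the stack, in the style of
# a 32-bit program (this is not the System V AMD64 register convention).
print_string:
    pushq %rbp              # saved frame pointer now occupies 8 bytes
    movq  %rsp, %rbp
    # Frame layout with 8-byte slots:
    #    0(%rbp)  saved %rbp
    #    8(%rbp)  return address
    #   16(%rbp)  len  (pushed last)
    #   24(%rbp)  buf  (pushed first)
    # With 4-byte slots the same items sit at 0, 4, 8 and 12(%ebp), so
    # keeping the 32-bit offsets here would load the wrong stack slots.
    movq  $1, %rax          # write(2) syscall number on x86-64
    movq  $1, %rdi          # fd 1 = stdout
    movq  24(%rbp), %rsi    # buf
    movq  16(%rbp), %rdx    # len
    syscall
    movq  %rbp, %rsp
    popq  %rbp
    ret

_start:
    pushq $HelloWorld       # arg 1: buffer address
    pushq $HelloLen         # arg 2: length
    call  print_string
    addq  $16, %rsp         # discard two 8-byte arguments
    movq  $60, %rax         # exit(2) syscall number on x86-64
    xorq  %rdi, %rdi        # status 0
    syscall
```

Stopping at `print_string` in GDB and running `x/4gx $rbp` prints the four 8-byte slots listed in the comment, which makes a wrong offset visible immediately.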
Assembly Primer for Hackers