Understanding x64 Assembly Programming Essentials

Slide Note
Embed
Share

Dive into the world of x64 assembly programming with a focus on registers, operands, addressing modes, and more. Explore key concepts such as bomb labs, GDB, Unix commands, and the importance of registers in hardware. Enhance your understanding of moving data between registers and memory while dissecting heavily redacted source files to outsmart Dr. Evil.

ima_se
ima_se Follow

Uploaded on Oct 09, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. 15-213 Recitation 2Feb 2015 Jimmy Jin

  2. Agenda Bomb Lab Overview Assembly Refresher Introduction to GDB Unix Refresher Bomb Lab Demo

  3. Downloading Your Bomb Please read the writeup. Please read the writeup. Please Read The Writeup. Your bomb is unique to you. Dr. Evil has created one million billion bombs, and can distribute as many new ones as he pleases. Bombs have six phases which get progressively hardermore fun to use. Bombs can only run on the shark clusters. They will blow up if you attempt to run them locally.

  4. Exploding Your Bomb Blowing up your bomb notifies Autolab. Dr. Evil takes 0.5of your points each time. Inputting the right string moves you to the next phase. Jumping between phases detonates the bomb

  5. Examining Your Bomb You get: An executable A readme A heavily redacted source file Source file just makes fun of you. Outsmart Dr. Evil by examining the executable

  6. What Are Registers? Register Some place in hardware that stores bits It is NOT on the stack or in the main memory Important When moving data between registers and memory, only the DATA moves, not the register.

  7. x64 Assembly: Registers %rax %eax %rbx %ebx %rcx %ecx Arg 4 %r8 %r9 %r10 %r8d Return Arg 5 %r9d Arg 6 %r10d %rdx %rsi %rdi %rsp %r11 %r12 %r13 %r14 %edx %r11d Arg 3 %esi %r12d Arg 2 %edi %r13d Arg 1 %esp %r14d Stack ptr %rbp %r15 %ebp %r15d

  8. x64 Assembly: Operands Type Syntax Example Notes $-42 $0x15213b Start with $ Don t mix up decimal and hex Constants %esi %rax Start with % Can store values or addresses Registers (%rbx) 0x1c(%rax) 0x4(%rcx, %rdi, 0x1) Parentheses around a register or an addressing mode Parentheses dereference. Look up addressing modes! Memory Locations

  9. Representing Addresses Parenthesis Usage: Most of the time parenthesis means dereference Example of usage: (%eax) - contents of memory at address stored, %eax (%ebx, %ecx) contents of memory stored at address, %ebx+%ecx (%ebx, %ecx, 8) contents of memory at address, %ebx+8*%ecx 4(%ebx, %ecx, 8) Contents of memory stored at address, %ebx + 8*%ecx+ 4

  10. x64 Assembly: Arithmetic Operations Instruction rdx = rbx r8 += value at rdx r8 *= 3 r8-- rdx = rdx + rbx*2 Doesn t dereference mov %rbx, %rdx add (%rdx), %r8 mul $3, %r8 sub $1, %r8 lea (%rdx,%rbx,2), %rdx Effect

  11. x64 Assembly: Calling Convention Effect Instruction call foo push %eax pop %eax Push return address, jump to label foo Push value in %eax onto stack Pop value off of stack into %eax Pop value off of stack into instruction pointer, return value stored in %eax Does absolutely nothing. Why can t it get a job and move out. ret nop

  12. x64 Assembly: Comparisons Comparison, cmp, compares two values Result determines next conditional jump instruction cmp b,a computes a-b, test b,a computes a&b Pay attention to operand order If %r10 > %r9, then jump to 8675309 cmpl %r9, %r10 jg 8675309

  13. x64 Assembly: Jumps Instruction Effect Instruction Effect jmp ja Always jump Jump if above (unsigned >) je/jz jae Jump if eq / zero Jump if above / equal jne/jnz jb Jump if !eq / !zero Jump if below (unsigned <) jg jbe Jump if greater Jump if below / equal jge js Jump if greater / eq Jump if sign bit is 1 (neg) jl jns Jump if less Jump if sign bit is 0 (pos) jle Jump if less / eq

  14. x64 Assembly: A Quick Drill If 0xdeadbeef , jump to addr cmp $0x15213, %r12 jge deadbeef cmp %rax, %rdi jae 15213b If 0x15213b , jump to addr test %r8, %r8 jnz (%rsi) If , jump to .

  15. x64 Assembly: A Quick Drill If %r12 >= 0x15213, jump to 0xdeadbeef cmp $0x15213, %r12 jge deadbeef cmp %rax, %rdi jae 15213b test %r8, %r8 jnz (%rsi)

  16. x64 Assembly: A Quick Drill cmp $0x15213, %r12 jge deadbeef If the unsigned value of %rdi is at or above the unsigned value of %rax, jump to 0x15213b. cmp %rax, %rdi jae 15213b test %r8, %r8 jnz (%rsi)

  17. x64 Assembly: A Quick Drill cmp $0x15213, %r12 jge deadbeef cmp %rax, %rdi jae 15213b test %r8, %r8 jnz (%rsi) If %r8 & %r8 is not zero, jump to the address stored in %rsi.

  18. Diffusing Your Bomb objdump -t bomb examines the symbol table objdump -d bomb disassembles all bomb code strings bomb prints all printable strings gdb bomb will open up the GNU Debugger Examine while stepping through your program registers the stack contents of program memory instruction stream

  19. Using gdb break <location> Stop execution at function name or address Reset breakpoints when restarting gdb run <args> Run program with args <args> Convenient for specifying text file with answers disas <fun>, but not dis stepi / nexti Steps / does not step through function calls

  20. Using gdb info registers Print hex values in every register print (/x or /d) $eax -Yes, use $ Print hex or decimal contents of %eax x $register, x 0xaddress Prints what s in the register / at the given address By default, prints one word (4 bytes) Specify format: /s, /[num][size][format] x/8a 0x15213 x/4wd 0xdeadbeef

  21. sscanf Bomb uses sscanf for reading strings Figure out what phase expects for input Check out man sscanf for formatting string details

  22. If you get stuck Please read the writeup. Please read the writeup. Please Read The Writeup. CS:APP Chapter 3 View lecture notes and course FAQ at http://cs.cmu.edu/~213 Office hours Sun -Thu 5:30-8:30PM in WeH 5207 man gdb, man sscanf, man objdump

  23. Unix Refresher You should know cd, ls, scp, ssh, tar, and chmod by now. Use man <command> for help. <Control-C> exits your current program.

  24. Bomb Lab Demo...

Related


Carnegie Mellon x64 Assembly: Bomb Lab Overview and Execution

Carnegie Mellon x64 Assembly: Bomb Lab Overview and Execution

callicutt_k
Understanding Assembly Language Programming for Computing Layers

Understanding Assembly Language Programming for Computing Layers

navae
Carnegie Mellon Bomb Lab Overview and Examination

Carnegie Mellon Bomb Lab Overview and Examination

csam
Understanding Assembler Directives and Symbols in Assembly Language

Understanding Assembler Directives and Symbols in Assembly Language

laszlo
Exploring Computer Programming Principles

Exploring Computer Programming Principles

dbard
Understanding Engineering Assembly Drawings and Detail Requirements

Understanding Engineering Assembly Drawings and Detail Requirements

litt952
Understanding COSC121: Computer Systems and Assembly Language Programming

Understanding COSC121: Computer Systems and Assembly Language Programming

kar_ma
Highlights of General Assembly 2021 Online Meeting

Highlights of General Assembly 2021 Online Meeting

mbrun
Detector Assembly and Cryogenics Requirements for ILD Project

Detector Assembly and Cryogenics Requirements for ILD Project

mell_i
Introduction to Assembly Language Syntax and Program Data

Introduction to Assembly Language Syntax and Program Data

jada
Decision Analysis and Operations Research in Management

Decision Analysis and Operations Research in Management

senara
Introduction to Intel Assembly Language for x86 Processors

Introduction to Intel Assembly Language for x86 Processors

delano
Introduction to 8086 Assembly Language Programming

Introduction to 8086 Assembly Language Programming

meliora
Assembly Programming in CSE351 Spring 2017

Assembly Programming in CSE351 Spring 2017

liow317
Introduction to MIPS Assembly Programming with MARS

Introduction to MIPS Assembly Programming with MARS

mazzotta_a
Understanding Assembly Language Programming and DEBUG Environment

Understanding Assembly Language Programming and DEBUG Environment

fallon
Harness Assembly Work Instructions for Electrical Wiring

Harness Assembly Work Instructions for Electrical Wiring

ludwig
Mechanical Contributions & Installation Sequences for Cathode Assembly in DUNE Project

Mechanical Contributions & Installation Sequences for Cathode Assembly in DUNE Project

ragh_6
HBWD Stripline Kicker Integration Details

HBWD Stripline Kicker Integration Details

raus505
Exploring Feed Check Valve Assembly in Mechanical Engineering Lab

Exploring Feed Check Valve Assembly in Mechanical Engineering Lab

krin_mar
Assembly Language Programming in Intel 8086: Multiplication, Division, and Array Handling

Assembly Language Programming in Intel 8086: Multiplication, Division, and Array Handling

pkhy
Module 2: PSEA and Safe Programming Training of Trainers (ToT) by CRS HRD

Module 2: PSEA and Safe Programming Training of Trainers (ToT) by CRS HRD

barnabas
Introduction to Programming and Computer Instructions

Introduction to Programming and Computer Instructions

buechler_c
Web Application Development and Programming CTE Program Overview

Web Application Development and Programming CTE Program Overview

harm_21

More Related Content