# Assembly

Assembly language is a low-level programming language that is used to directly control a computer's hardware. It is a symbolic representation of the machine code instructions that a computer's processor can execute. Assembly language is specific to a certain computer architecture and is often used for system programming, such as operating system development, device drivers, and embedded systems.

## Hello World!

```nasm
BITS 32
section .data
    hello db 'Hello, World!',0

section .text
    global _start

_start:
    ; write hello to stdout
    mov edx, 13       ; message length
    mov ecx, hello    ; message to write
    mov ebx, 1        ; file descriptor (stdout)
    mov eax, 4        ; system call number (sys_write)
    int 0x80          ; call kernel

    ; exit
    mov eax, 1        ; system call number (sys_exit)
    xor ebx, ebx      ; return value (0)
    int 0x80          ; call kernel

```

To build the script you will need the `nasm` and `ld` packages. Here's an example below of how to "compile" an assembly script. Strictly speaking this is not "compiling": `nasm` assembles the source and `ld` links it.

```bash
# 32-bit source (BITS 32, int 0x80); for a BITS 64 source use -f elf64 and plain ld
nasm -f elf32 -o script.o script.asm && ld -m elf_i386 -o script script.o
```

## +4

This script gets an input from the user and adds 4 to it.

```nasm
BITS 32
section .data
   userMsg db 'Please enter a number: '
   lenUserMsg equ $-userMsg
   dispMsg db 'The number +4 : '
   lenDispMsg equ $-dispMsg

section .bss
   num resb 5

section .text
   global _start

_start:
   ;Prompt the user
   mov eax, 4              ; sys_write
   mov ebx, 1              ; stdout
   mov ecx, userMsg
   mov edx, lenUserMsg
   int 80h

   ;Read and store the user input
   mov eax, 3              ; sys_read
   mov ebx, 0              ; stdin
   mov ecx, num
   mov edx, 5              ; at most 5 bytes, the size of num
   int 80h

   ;Output the message 'The number +4 : '
   mov eax, 4
   mov ebx, 1
   mov ecx, dispMsg
   mov edx, lenDispMsg
   int 80h

   ;+4 for num: adds 4 to the ASCII code of the first character,
   ;so the result is only a correct digit for inputs 0 to 5
   add byte [num], 4

   ;Output the result
   mov eax, 4
   mov ebx, 1
   mov ecx, num
   mov edx, 5
   int 80h

   ; Exit code
   mov eax, 1              ; sys_exit
   mov ebx, 0              ; return value (0)
   int 80h
```
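The script above adds 4 to the ASCII code of the first input character, so it only yields a correct digit for inputs 0 to 5. The following added example (not part of the original page; the names `inbuf`, `outbuf` and the local labels are chosen here) parses the whole decimal input, stops at the first non-digit, adds 4 and converts the result back to text. Assemble it with `nasm -f elf32` and link with `ld -m elf_i386`.

```nasm
; Added example: read a decimal number from stdin, add 4, print the result.
BITS 32
section .bss
   inbuf  resb 10            ; 9 input bytes + 1 byte that stays 0 (terminator)
   outbuf resb 11            ; up to 10 digits plus a newline

section .text
   global _start
_start:
   mov eax, 3                ; sys_read
   xor ebx, ebx              ; fd 0 (stdin)
   mov ecx, inbuf
   mov edx, 9                ; at most 9 digits, so value + 4 fits in 32 bits
   int 80h
   test eax, eax
   jle .exit                 ; EOF or read error: nothing to parse
   mov esi, inbuf
   xor eax, eax              ; parsed value
.parse:
   movzx edx, byte [esi]
   sub edx, '0'
   cmp edx, 9
   ja .plus4                 ; unsigned compare rejects anything outside '0'..'9'
   imul eax, eax, 10
   add eax, edx
   inc esi
   jmp .parse                ; always ends: inbuf[9] is never written by read
.plus4:
   add eax, 4
   mov edi, outbuf + 10      ; fill outbuf from the end
   mov byte [edi], 10        ; trailing newline
   mov ebx, 10               ; divisor
.digit:
   xor edx, edx
   div ebx                   ; eax = quotient, edx = remainder
   add dl, '0'
   dec edi
   mov [edi], dl
   test eax, eax
   jnz .digit
   mov eax, 4                ; sys_write
   mov ebx, 1                ; stdout
   mov ecx, edi              ; first digit
   mov edx, outbuf + 11
   sub edx, edi              ; length = end of buffer - first digit
   int 80h
.exit:
   mov eax, 1                ; sys_exit
   xor ebx, ebx
   int 80h
```

Input with no leading digits parses as 0, so the program prints 4.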

## Alphabet

Our mission is to make an assembly script with the expected output.

![](/files/fT1XzJf85CNpfOkxDVsi)

Here's the script.

```nasm
BITS 64

global _start

section .text
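        _start:
                mov r14, 0x41           ; current letter, starts at 'A'
                mov r13, 0xA            ; newline character
                mov r15, 0x5A+1         ; one past 'Z', marks the end of the loop

        _forloop:
                mov rax, 1              ; sys_write
                mov rdi, 1              ; stdout
                push r14                ; put the letter in memory so it has an address
                mov rsi, rsp
                mov rdx, 0x1
                syscall
                pop r14                 ; rebalance the stack

                mov rax, 1              ; sys_write
                mov rdi, 1              ; stdout
                push r13                ; same trick for the newline
                mov rsi, rsp
                mov rdx, 1
                syscall
                pop r13                 ; rebalance the stack

                inc r14                 ; next letter
                cmp r14, r15
                je _quit
                jmp _forloop

        _quit:
                mov rax, 60             ; sys_exit
                mov rdi, 0              ; return value (0)
                syscall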
```

## Reverse Engineering

### What's Reverse Engineering?

Reverse engineering is the process of analyzing a software program to understand how it works and to identify any vulnerabilities that could be exploited. Assembly language can be used as a tool for reverse engineering because it is a low-level programming language that provides a direct representation of the machine code instructions that a computer's processor can execute.

When reverse engineering a program, a pentester may use a disassembler to convert the program's machine code into assembly language. This allows them to see the program's instructions and understand how it works. By analyzing the assembly code, a pentester can identify any potential vulnerabilities in the program, such as buffer overflows, that could be exploited to gain unauthorized access to a system.

Additionally, assembly language can be used to patch a program to fix vulnerabilities or to add new features. This is called reverse engineering of code. It's a powerful technique to analyze how software works and can be used as a way to modify, enhance or fix it.

It's important to note that reverse engineering could be illegal in some countries, so it's important to have legal authorization before doing it.

### Requirements

First, we need to install `gef`. If you want to see the repo:

{% embed url="<https://github.com/hugsy/gef>" %}

### Installation

Here's how to install it.

```bash
# via the install script
## using curl
$ bash -c "$(curl -fsSL https://gef.blah.cat/sh)"

## using wget
$ bash -c "$(wget https://gef.blah.cat/sh -O -)"

# or manually
$ wget -O ~/.gdbinit-gef.py -q https://gef.blah.cat/py
$ echo source ~/.gdbinit-gef.py >> ~/.gdbinit

# or alternatively from inside gdb directly
$ gdb -q
(gdb) pi import urllib.request as u, tempfile as t; g=t.NamedTemporaryFile(suffix='-gef.py'); open(g.name, 'wb+').write(u.urlopen('https://tinyurl.com/gef-main').read()); gdb.execute('source %s' % g.name)
```

### Let's start!

To start `gdb` just use the command `gdb` with the binary file.

```bash
gdb ./binary.bin
```

![](/files/KMGJ9L3dGZO2PvLweH8x)

Let's tell the program that we want to disassemble the binary.

```bash
disas _start
```

![](/files/eD6cfaa66jddi7aAFKca)

Now we set a breakpoint at an address to tell the program where to start reverse engineering.

```bash
b * _start +0
```

![](/files/mKJ5z0L3hCdEaXcnANGx)

```bash
run
```

![](/files/umYKVzZSZHnpfi4tpOF0)

Let's find out what that means.

![](/files/KeQs83lL2zou5AOGNJGQ)

![](/files/EgygF4cNp2hmUcIrVXI8)

{% embed url="<https://media.giphy.com/media/oAY8P8H2B41icPdRqA/giphy.gif>" %}
Assembly VS You
{% endembed %}


