x64 Windows Debugging

Size: px
Start display at page:

Download "x64 Windows Debugging"

Transcription

1 x64 Windows Debugging Practical Foundations Dmitry Vostokov OpenTask

2 2 Published by OpenTask, Republic of Ireland Copyright 2009 by Dmitry Vostokov All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, without the prior written permission of the publisher. You must not circulate this book in any other binding or cover and you must impose the same condition on any acquirer. OpenTask books are available through booksellers and distributors worldwide. For further information or comments send requests to: press@opentask.com Microsoft, MSDN, Visual C++, Visual Studio, Win32, Windows, Windows Server and Windows Vista are registered trademarks of Microsoft Corporation. Other product and company names mentioned in this book may be trademarks of their owners. A CIP catalogue record for this book is available from the British Library. ISBN-13: (Paperback) First printing, 2009

3 Preface 3 Summary of Contents Preface Acknowledgements About the Author Chapter 1: Memory, Registers and Simple Arithmetic Chapter 2: Debug and Release Binaries Chapter 3: Number Representations Chapter 4: Pointers Chapter 5: Bytes, Words and Double Words Chapter 6: Pointers to Memory Chapter 7: Logical Instructions and EIP Chapter 8: Reconstructing a Program with Pointers Chapter 9: Memory and Stacks Chapter 10: Local Variables Chapter 11: Function Parameters Chapter 12: More Instructions Chapter 13: Function Pointer Parameters Chapter 14: Summary of Code Disassembly Patterns Index

4 4

5 Preface 5 Contents Preface Acknowledgements About the Author Chapter 1: Memory, Registers and Simple Arithmetic Memory and Registers inside an Idealized Computer Memory and Registers inside Intel 64-bit PC Arithmetic Project: Memory Layout and Registers Arithmetic Project: A Computer Program Arithmetic Project: Assigning Numbers to Memory Locations Assigning Numbers to Registers Arithmetic Project: Adding Numbers to Memory Cells Incrementing/Decrementing Numbers in Memory and Registers Multiplying Numbers Chapter 2: Debug and Release Binaries Arithmetic Project: C/C++ Program Downloading and Configuring WinDbg Debugger WinDbg Disassembly Output Debug Executable WinDbg Disassembly Output Release Executable Chapter 3: Number Representations Numbers and Their Representations Decimal Representation (Base Ten)... 46

6 6 Ternary Representation (Base Three) Binary Representation (Base Two) Hexadecimal Representation (Base Sixteen) Why Hexadecimals are used? Chapter 4: Pointers A Definition Pointers Project: Memory Layout and Registers Pointers Project: Calculations Using Pointers to Assign Numbers to Memory Cells Adding Numbers Using Pointers Multiplying Numbers Using Pointers Chapter 5: Bytes, Words and Double Words Using Hexadecimal Numbers Byte Granularity Bit Granularity Memory Layout Chapter 6: Pointers to Memory Pointers Revisited Addressing Types Registers Revisited NULL Pointers Invalid Pointers Variables as Pointers Pointer Initialization... 88

7 Preface 7 Note: Initialized and Uninitialized Data More Pseudo Notation MemoryPointers Project: Memory Layout Chapter 7: Logical Instructions and EIP Instruction Format Logical Shift Instructions Logical Operations Zeroing Memory or Registers Instruction Pointer Note: Code Section Chapter 8: Reconstructing a Program with Pointers Example of Disassembly Output: No Optimization Reconstructing C/C++ Code: Part Reconstructing C/C++ Code: Part Reconstructing C/C++ Code: Part Reconstructing C/C++ Code: C/C++ program Example of Disassembly Output: Optimized Program Chapter 9: Memory and Stacks Stack: A Definition Stack Implementation in Memory Things to Remember PUSH Instruction POP instruction Register Review

8 8 Application Memory Simplified Stack Overflow Jumps Calls Call Stack Exploring Stack in WinDbg Chapter 10: Local Variables Stack Usage Addressing Array Elements Stack Structure (No Function Parameters) Function Prolog Function Epilog Local Variables Project Disassembly of Optimized Executable (Release Configuration) Chapter 11: Function Parameters FunctionParameters Project Stack Structure Function Prolog and Epilog Project Disassembled Code with Comments Parameter Mismatch Problem Chapter 12: More Instructions CPU Flags Register The Fastest Way to Fill Memory Testing for

9 Preface 9 TEST - Logical Compare CMP Compare Two Operands TEST or CMP? Conditional Jumps The Structure of Registers Function Return Value Using Byte Registers Chapter 13: Function Pointer Parameters FunctionPointerParameters Project Commented Disassembly Chapter 14: Summary of Code Disassembly Patterns Function Prolog / Epilog Parameters and Local Variables LEA (Load Effective Address) Accessing Parameters and Local Variables Index

You must not circulate this book in any other binding or cover, and you must impose the same condition on any acquirer.

You must not circulate this book in any other binding or cover, and you must impose the same condition on any acquirer. Published by OpenTask, Republic of Ireland Copyright 2016 by OpenTask Copyright 2016 by Software Diagnostics Services Copyright 2016 by Dmitry Vostokov All rights reserved. No part of this book may be

More information

Encyclopedia of Crash Dump Analysis Patterns

Encyclopedia of Crash Dump Analysis Patterns Encyclopedia of Crash Dump Analysis Patterns Detecting Abnormal Software Structure and Behavior in Computer Memory Dmitry Vostokov Software Diagnostics Institute OpenTask 2 Published by OpenTask, Republic

More information

Memory Dump Analysis Anthology

Memory Dump Analysis Anthology Memory Dump Analysis Anthology Volume 6 Dmitry Vostokov Software Diagnostics Institute OpenTask 2 Published by OpenTask, Republic of Ireland Copyright 2013 by Dmitry Vostokov Copyright 2015 by Software

More information

Encyclopedia of Crash Dump Analysis Patterns Second Edition

Encyclopedia of Crash Dump Analysis Patterns Second Edition Encyclopedia of Crash Dump Analysis Patterns Second Edition Detecting Abnormal Software Structure and Behavior in Computer Memory Dmitry Vostokov Software Diagnostics Institute OpenTask 2 Published by

More information

CNIT 127: Exploit Development. Ch 1: Before you begin. Updated

CNIT 127: Exploit Development. Ch 1: Before you begin. Updated CNIT 127: Exploit Development Ch 1: Before you begin Updated 1-14-16 Basic Concepts Vulnerability A flaw in a system that allows an attacker to do something the designer did not intend, such as Denial

More information

Practical Malware Analysis

Practical Malware Analysis Practical Malware Analysis Ch 4: A Crash Course in x86 Disassembly Revised 1-16-7 Basic Techniques Basic static analysis Looks at malware from the outside Basic dynamic analysis Only shows you how the

More information

Assembly Language Assembled for the Sinclair ZX81

Assembly Language Assembled for the Sinclair ZX81 Assembly Language Assembled for the Sinclair ZX81 Macmillan Computing Books Assembly Language Programming for the BBC Microcomputer Ian Birnbaum Advanced Programming for the 16K ZX81 Mike Costello Microprocessors

More information

Program Exploitation Intro

Program Exploitation Intro Program Exploitation Intro x86 Assembly 04//2018 Security 1 Univeristà Ca Foscari, Venezia What is Program Exploitation "Making a program do something unexpected and not planned" The right bugs can be

More information

Address Modes effective address

Address Modes effective address Address Modes The MARIE supports only three addressing modes: immediate, direct, and indirect. We are now going to discuss addressing modes in general. Most computers support quite a few of these modes.

More information

Midterm 1 topics (in one slide) Bits and bitwise operations. Outline. Unsigned and signed integers. Floating point numbers. Number representation

Midterm 1 topics (in one slide) Bits and bitwise operations. Outline. Unsigned and signed integers. Floating point numbers. Number representation Midterm 1 topics (in one slide) CSci 2021: Review Lecture 1 Stephen McCamant University of Minnesota, Computer Science & Engineering Number representation Bits and bitwise operators Unsigned and signed

More information

CSE 351 Midterm - Winter 2015 Solutions

CSE 351 Midterm - Winter 2015 Solutions CSE 351 Midterm - Winter 2015 Solutions February 09, 2015 Please read through the entire examination first! We designed this exam so that it can be completed in 50 minutes and, hopefully, this estimate

More information

CHAPTER ASSEMBLY LANGUAGE PROGRAMMING

CHAPTER ASSEMBLY LANGUAGE PROGRAMMING CHAPTER 2 8051 ASSEMBLY LANGUAGE PROGRAMMING Registers Register are used to store information temporarily: A byte of data to be processed An address pointing to the data to be fetched The vast majority

More information

Introduction to C. Why C? Difference between Python and C C compiler stages Basic syntax in C

Introduction to C. Why C? Difference between Python and C C compiler stages Basic syntax in C Final Review CS304 Introduction to C Why C? Difference between Python and C C compiler stages Basic syntax in C Pointers What is a pointer? declaration, &, dereference... Pointer & dynamic memory allocation

More information

CS356: Discussion #6 Assembly Procedures and Arrays. Marco Paolieri

CS356: Discussion #6 Assembly Procedures and Arrays. Marco Paolieri CS356: Discussion #6 Assembly Procedures and Arrays Marco Paolieri (paolieri@usc.edu) Procedures Functions are a key abstraction in software They break down a problem into subproblems. Reusable functionality:

More information

The CPU and Memory. How does a computer work? How does a computer interact with data? How are instructions performed? Recall schematic diagram:

The CPU and Memory. How does a computer work? How does a computer interact with data? How are instructions performed? Recall schematic diagram: The CPU and Memory How does a computer work? How does a computer interact with data? How are instructions performed? Recall schematic diagram: 1 Registers A register is a permanent storage location within

More information

Instruction Sets: Characteristics and Functions Addressing Modes

Instruction Sets: Characteristics and Functions Addressing Modes Instruction Sets: Characteristics and Functions Addressing Modes Chapters 10 and 11, William Stallings Computer Organization and Architecture 7 th Edition What is an Instruction Set? The complete collection

More information

Digital Electronics A Practical Approach with VHDL William Kleitz Ninth Edition

Digital Electronics A Practical Approach with VHDL William Kleitz Ninth Edition Digital Electronics A Practical Approach with VHDL William Kleitz Ninth Edition Pearson Education Limited Edinburgh Gate Harlow Essex CM20 2JE England and Associated Companies throughout the world Visit

More information

Mitchell Adair January, 2014

Mitchell Adair January, 2014 Mitchell Adair January, 2014 Know Owen from our time at Sandia National Labs Currently work for Raytheon Founded UTDallas s Computer Security Group (CSG) in Spring 2010 Reversing, binary auditing, fuzzing,

More information

Memory Forensics. Presented at VolgaCTF, Russia Inter-Regional Inter-University Open Computer Security Contest

Memory Forensics. Presented at VolgaCTF, Russia Inter-Regional Inter-University Open Computer Security Contest Memory Forensics Presented at VolgaCTF, Russia Inter-Regional Inter-University Open Computer Security Contest www.volgactf.ru Facebook LinkedIn Twitter Dmitry Vostokov Software Diagnostics Institute Forensics

More information

Tutorial Letter 103/3/2012 Computer Organization COS2621 Semesters 1 & 2

Tutorial Letter 103/3/2012 Computer Organization COS2621 Semesters 1 & 2 COS2621/103/3/2012 Tutorial Letter 103/3/2012 Computer Organization COS2621 Semesters 1 & 2 School of Computing Solutions to self tests Bar code 2 Self-test A Question 1 Alternative 1 Which one of the

More information

CSC 2400: Computer Systems. Using the Stack for Function Calls

CSC 2400: Computer Systems. Using the Stack for Function Calls CSC 24: Computer Systems Using the Stack for Function Calls Lecture Goals Challenges of supporting functions! Providing information for the called function Function arguments and local variables! Allowing

More information

Facebook LinkedIn Twitter. Dmitry Vostokov Software Diagnostics Services

Facebook LinkedIn Twitter. Dmitry Vostokov Software Diagnostics Services Facebook LinkedIn Twitter Dmitry Vostokov Software Diagnostics Services Prerequisites Working C or C++ knowledge Basic assembly language knowledge Audience Novices Learn x64 assembly language Experts Learn

More information

HUDSON VALLEY COMMUNITY COLLEGE TROY, NEW YORK COURSE OUTLINE

HUDSON VALLEY COMMUNITY COLLEGE TROY, NEW YORK COURSE OUTLINE ACADEMIC YEAR 2017-2018 HUDSON VALLEY COMMUNITY COLLEGE TROY, NEW YORK COURSE OUTLINE COURSE TITLE: Assembly Language And Computer Architecture COURSE SUBJECT AND NUMBER: CISS 280 DEPARTMENT: Computing

More information

Dr. Ramesh K. Karne Department of Computer and Information Sciences, Towson University, Towson, MD /12/2014 Slide 1

Dr. Ramesh K. Karne Department of Computer and Information Sciences, Towson University, Towson, MD /12/2014 Slide 1 Dr. Ramesh K. Karne Department of Computer and Information Sciences, Towson University, Towson, MD 21252 rkarne@towson.edu 11/12/2014 Slide 1 Intel x86 Aseembly Language Assembly Language Assembly Language

More information

Computer Organization and Assembly Language. Lab Session 01

Computer Organization and Assembly Language. Lab Session 01 Objective: Lab Session 01 Introduction to Assembly Language Tools and Familiarization with Emu8086 environment To be able to understand Data Representation and perform conversions from one system to another

More information

CSE 351 Midterm - Winter 2015

CSE 351 Midterm - Winter 2015 CSE 351 Midterm - Winter 2015 February 09, 2015 Please read through the entire examination first! We designed this exam so that it can be completed in 50 minutes and, hopefully, this estimate will prove

More information

Tutorial 1: Programming Model 1

Tutorial 1: Programming Model 1 Tutorial 1: Programming Model 1 Introduction Objectives At the end of this lab you should be able to: Use the CPU simulator to create basic CPU instructions Use the simulator to execute the basic CPU instructions

More information

Computer Organization CS 206 T Lec# 2: Instruction Sets

Computer Organization CS 206 T Lec# 2: Instruction Sets Computer Organization CS 206 T Lec# 2: Instruction Sets Topics What is an instruction set Elements of instruction Instruction Format Instruction types Types of operations Types of operand Addressing mode

More information

JNTUWORLD. 1. Discuss in detail inter processor arbitration logics and procedures with necessary diagrams? [15]

JNTUWORLD. 1. Discuss in detail inter processor arbitration logics and procedures with necessary diagrams? [15] Code No: 09A50402 R09 Set No. 2 1. Discuss in detail inter processor arbitration logics and procedures with necessary diagrams? [15] 2. (a) Discuss asynchronous serial transfer concept? (b) Explain in

More information

Reverse Engineering Low Level Software. CS5375 Software Reverse Engineering Dr. Jaime C. Acosta

Reverse Engineering Low Level Software. CS5375 Software Reverse Engineering Dr. Jaime C. Acosta 1 Reverse Engineering Low Level Software CS5375 Software Reverse Engineering Dr. Jaime C. Acosta Machine code 2 3 Machine code Assembly compile Machine Code disassemble 4 Machine code Assembly compile

More information

Q. P. Code : b. Draw and explain the block dig of a computer with microprocessor as CPU.

Q. P. Code : b. Draw and explain the block dig of a computer with microprocessor as CPU. Q. P. Code : 08235 (2½ Hours) [Total Marks: 75] N. B.: (1) All questions are compulsory. (2) Make suitable assumptions wherever necessary and state the assumptions made. (3) Answers to the same question

More information

SPRING TERM BM 310E MICROPROCESSORS LABORATORY PRELIMINARY STUDY

SPRING TERM BM 310E MICROPROCESSORS LABORATORY PRELIMINARY STUDY BACKGROUND 8086 CPU has 8 general purpose registers listed below: AX - the accumulator register (divided into AH / AL): 1. Generates shortest machine code 2. Arithmetic, logic and data transfer 3. One

More information

We can study computer architectures by starting with the basic building blocks. Adders, decoders, multiplexors, flip-flops, registers,...

We can study computer architectures by starting with the basic building blocks. Adders, decoders, multiplexors, flip-flops, registers,... COMPUTER ARCHITECTURE II: MICROPROCESSOR PROGRAMMING We can study computer architectures by starting with the basic building blocks Transistors and logic gates To build more complex circuits Adders, decoders,

More information

UW CSE 351, Winter 2013 Midterm Exam

UW CSE 351, Winter 2013 Midterm Exam Full Name: Student ID: UW CSE 351, Winter 2013 Midterm Exam February 15, 2013 Instructions: Make sure that your exam is not missing any of the 9 pages, then write your full name and UW student ID on the

More information

Microprocessor and Assembly Language Week-5. System Programming, BCS 6th, IBMS (2017)

Microprocessor and Assembly Language Week-5. System Programming, BCS 6th, IBMS (2017) Microprocessor and Assembly Language Week-5 System Programming, BCS 6th, IBMS (2017) High Speed Memory Registers CPU store data temporarily in these location CPU process, store and transfer data from one

More information

William Stallings Computer Organization and Architecture 8 th Edition. Chapter 11 Instruction Sets: Addressing Modes and Formats

William Stallings Computer Organization and Architecture 8 th Edition. Chapter 11 Instruction Sets: Addressing Modes and Formats William Stallings Computer Organization and Architecture 8 th Edition Chapter 11 Instruction Sets: Addressing Modes and Formats Addressing Modes Immediate Direct Indirect Register Register Indirect Displacement

More information

Programming Model 2 A. Introduction

Programming Model 2 A. Introduction Programming Model 2 A. Introduction Objectives At the end of this lab you should be able to: Use direct and indirect addressing modes of accessing data in memory Create an iterative loop of instructions

More information

IA-32 CSE 5302 Spring 2011 Ngoc Tam Tran

IA-32 CSE 5302 Spring 2011 Ngoc Tam Tran IA-32 CSE 5302 Spring 2011 Ngoc Tam Tran 3/3/2011 1 Overview IA-32(Intel Architecture 32-bit) CISC Architecture Many instructions sets 3/3/2011 2 Registers 16 basic program execution registers for use

More information

Number System. Introduction. Decimal Numbers

Number System. Introduction. Decimal Numbers Number System Introduction Number systems provide the basis for all operations in information processing systems. In a number system the information is divided into a group of symbols; for example, 26

More information

CS401 - Computer Architecture and Assembly Language Programming Glossary By

CS401 - Computer Architecture and Assembly Language Programming Glossary By CS401 - Computer Architecture and Assembly Language Programming Glossary By absolute address : A virtual (not physical) address within the process address space that is computed as an absolute number.

More information

Operations On Data CHAPTER 4. (Solutions to Odd-Numbered Problems) Review Questions

Operations On Data CHAPTER 4. (Solutions to Odd-Numbered Problems) Review Questions CHAPTER 4 Operations On Data (Solutions to Odd-Numbered Problems) Review Questions 1. Arithmetic operations interpret bit patterns as numbers. Logical operations interpret each bit as a logical values

More information

Computer Systems A Programmer s Perspective 1 (Beta Draft)

Computer Systems A Programmer s Perspective 1 (Beta Draft) Computer Systems A Programmer s Perspective 1 (Beta Draft) Randal E. Bryant David R. O Hallaron August 1, 2001 1 Copyright c 2001, R. E. Bryant, D. R. O Hallaron. All rights reserved. 2 Contents Preface

More information

3.1 DATA MOVEMENT INSTRUCTIONS 45

3.1 DATA MOVEMENT INSTRUCTIONS 45 3.1.1 General-Purpose Data Movement s 45 3.1.2 Stack Manipulation... 46 3.1.3 Type Conversion... 48 3.2.1 Addition and Subtraction... 51 3.1 DATA MOVEMENT INSTRUCTIONS 45 MOV (Move) transfers a byte, word,

More information

Registers. Registers

Registers. Registers All computers have some registers visible at the ISA level. They are there to control execution of the program hold temporary results visible at the microarchitecture level, such as the Top Of Stack (TOS)

More information

Betriebssysteme und Sicherheit Sicherheit. Buffer Overflows

Betriebssysteme und Sicherheit Sicherheit. Buffer Overflows Betriebssysteme und Sicherheit Sicherheit Buffer Overflows Software Vulnerabilities Implementation error Input validation Attacker-supplied input can lead to Corruption Code execution... Even remote exploitation

More information

CS412/CS413. Introduction to Compilers Tim Teitelbaum. Lecture 21: Generating Pentium Code 10 March 08

CS412/CS413. Introduction to Compilers Tim Teitelbaum. Lecture 21: Generating Pentium Code 10 March 08 CS412/CS413 Introduction to Compilers Tim Teitelbaum Lecture 21: Generating Pentium Code 10 March 08 CS 412/413 Spring 2008 Introduction to Compilers 1 Simple Code Generation Three-address code makes it

More information

When an instruction is initially read from memory it goes to the Instruction register.

When an instruction is initially read from memory it goes to the Instruction register. CS 320 Ch. 12 Instruction Sets Computer instructions are written in mnemonics. Mnemonics typically have a 1 to 1 correspondence between a mnemonic and the machine code. Mnemonics are the assembly language

More information

Islamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB

Islamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB Islamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB Lab # 9 Integer Arithmetic and Bit Manipulation April, 2014 1 Assembly Language LAB Bitwise

More information

3.0 Instruction Set. 3.1 Overview

3.0 Instruction Set. 3.1 Overview 3.0 Instruction Set 3.1 Overview There are 16 different P8 instructions. Research on instruction set usage was the basis for instruction selection. Each instruction has at least two addressing modes, with

More information

Assembly Language for Intel-Based Computers, 4 th Edition

Assembly Language for Intel-Based Computers, 4 th Edition Assembly Language for Intel-Based Computers, 4 th Edition Kip R. Irvine Chapter 5: Procedures Lecture 18 Linking to External Library The Book s Link Library Stack Operations Slides prepared by Kip R. Irvine

More information

Introduction to Reverse Engineering. Alan Padilla, Ricardo Alanis, Stephen Ballenger, Luke Castro, Jake Rawlins

Introduction to Reverse Engineering. Alan Padilla, Ricardo Alanis, Stephen Ballenger, Luke Castro, Jake Rawlins Introduction to Reverse Engineering Alan Padilla, Ricardo Alanis, Stephen Ballenger, Luke Castro, Jake Rawlins Reverse Engineering (of Software) What is it? What is it for? Binary exploitation (the cool

More information

Project 3: RPN Calculator

Project 3: RPN Calculator ECE267 @ UIC, Spring 2012, Wenjing Rao Project 3: RPN Calculator What to do: Ask the user to input a string of expression in RPN form (+ - * / ), use a stack to evaluate the result and display the result

More information

TYPES OF INTERRUPTS: -

TYPES OF INTERRUPTS: - There are 3 types of interrupts. TYPES OF INTERRUPTS: - External Interrupts. Internal Interrupts. Software interrupts. Hardware Interrupts (1) External interrupts come from I/O devices, from a timing device

More information

Understanding and Writing Compilers

Understanding and Writing Compilers Understanding and Writing Compilers Macmillan Computer Science Series Consulting Editor Professor F. H. Sumner, University of Manchester G. M. Birtwistle, Discrete Event Modelling on Simula Richard Bornat,

More information

Computer Architecture /

Computer Architecture / Computer Architecture 02-201 / 02-601 The Conceptual Architecture of a Computer PC CPU register 0 register 1 register 2 registers hold small amounts of data for processing by the CPU Reading / writing

More information

Computer Systems Lecture 9

Computer Systems Lecture 9 Computer Systems Lecture 9 CPU Registers in x86 CPU status flags EFLAG: The Flag register holds the CPU status flags The status flags are separate bits in EFLAG where information on important conditions

More information

CSE 351: The Hardware/Software Interface. Section 2 Integer representations, two s complement, and bitwise operators

CSE 351: The Hardware/Software Interface. Section 2 Integer representations, two s complement, and bitwise operators CSE 351: The Hardware/Software Interface Section 2 Integer representations, two s complement, and bitwise operators Integer representations In addition to decimal notation, it s important to be able to

More information

RECURSIVE FUNCTIONS ON STACK

RECURSIVE FUNCTIONS ON STACK Debugging with Visual Studio & GDB OCTOBER 31, 2015 BY CSC 342 FALL 2015 Prof. IZIDOR GERTNER 1 Table of contents 1. Objective... pg. 2 2. Overview... pg. 3 3. Microsoft s Visual Studio Debugger... pg.

More information

It is possible to define a number using a character or multiple numbers (see instruction DB) by using a string.

It is possible to define a number using a character or multiple numbers (see instruction DB) by using a string. 1 od 5 17. 12. 2017 23:53 (https://github.com/schweigi/assembler-simulator) Introduction This simulator provides a simplified assembler syntax (based on NASM (http://www.nasm.us)) and is simulating a x86

More information

1.1 For Fun and Profit. 1.2 Common Techniques. My Preferred Techniques

1.1 For Fun and Profit. 1.2 Common Techniques. My Preferred Techniques 1 Bug Hunting Bug hunting is the process of finding bugs in software or hardware. In this book, however, the term bug hunting will be used specifically to describe the process of finding security-critical

More information

CS401 Assembly Language Solved Subjective MAY 03,2012 From Midterm Papers. MC

CS401 Assembly Language Solved Subjective MAY 03,2012 From Midterm Papers. MC CS401 Assembly Language Solved Subjective MAY 03,2012 From Midterm Papers MC100401285 Moaaz.pk@gmail.com Mc100401285@gmail.com PSMD01 MIDTERM FALL 2011 CS401 Assembly Language Q: Affected flag of AND operation

More information

CSE 351 Midterm - Winter 2017

CSE 351 Midterm - Winter 2017 CSE 351 Midterm - Winter 2017 February 08, 2017 Please read through the entire examination first, and make sure you write your name and NetID on all pages! We designed this exam so that it can be completed

More information

CPS104 Recitation: Assembly Programming

CPS104 Recitation: Assembly Programming CPS104 Recitation: Assembly Programming Alexandru Duțu 1 Facts OS kernel and embedded software engineers use assembly for some parts of their code some OSes had their entire GUIs written in assembly in

More information

Computer Architecture and System Software Lecture 06: Assembly Language Programming

Computer Architecture and System Software Lecture 06: Assembly Language Programming Computer Architecture and System Software Lecture 06: Assembly Language Programming Instructor: Rob Bergen Applied Computer Science University of Winnipeg Announcements Assignment 3 due thursday Midterm

More information

8086 INTERNAL ARCHITECTURE

8086 INTERNAL ARCHITECTURE 8086 INTERNAL ARCHITECTURE Segment 2 Intel 8086 Microprocessor The 8086 CPU is divided into two independent functional parts: a) The Bus interface unit (BIU) b) Execution Unit (EU) Dividing the work between

More information

CSIS1120A. 10. Instruction Set & Addressing Mode. CSIS1120A 10. Instruction Set & Addressing Mode 1

CSIS1120A. 10. Instruction Set & Addressing Mode. CSIS1120A 10. Instruction Set & Addressing Mode 1 CSIS1120A 10. Instruction Set & Addressing Mode CSIS1120A 10. Instruction Set & Addressing Mode 1 Elements of a Machine Instruction Operation Code specifies the operation to be performed, e.g. ADD, SUB

More information

Co-processor Math Processor. Richa Upadhyay Prabhu. NMIMS s MPSTME February 9, 2016

Co-processor Math Processor. Richa Upadhyay Prabhu. NMIMS s MPSTME February 9, 2016 8087 Math Processor Richa Upadhyay Prabhu NMIMS s MPSTME richa.upadhyay@nmims.edu February 9, 2016 Introduction Need of Math Processor: In application where fast calculation is required Also where there

More information

Signed Multiplication Multiply the positives Negate result if signs of operand are different

Signed Multiplication Multiply the positives Negate result if signs of operand are different Another Improvement Save on space: Put multiplier in product saves on speed: only single shift needed Figure: Improved hardware for multiplication Signed Multiplication Multiply the positives Negate result

More information

Name: CMSC 313 Fall 2001 Computer Organization & Assembly Language Programming Exam 1. Question Points I. /34 II. /30 III.

Name: CMSC 313 Fall 2001 Computer Organization & Assembly Language Programming Exam 1. Question Points I. /34 II. /30 III. CMSC 313 Fall 2001 Computer Organization & Assembly Language Programming Exam 1 Name: Question Points I. /34 II. /30 III. /36 TOTAL: /100 Instructions: 1. This is a closed-book, closed-notes exam. 2. You

More information

Addressing Modes on the x86

Addressing Modes on the x86 Addressing Modes on the x86 register addressing mode mov ax, ax, mov ax, bx mov ax, cx mov ax, dx constant addressing mode mov ax, 25 mov bx, 195 mov cx, 2056 mov dx, 1000 accessing data in memory There

More information

Computer Systems Architecture I. CSE 560M Lecture 3 Prof. Patrick Crowley

Computer Systems Architecture I. CSE 560M Lecture 3 Prof. Patrick Crowley Computer Systems Architecture I CSE 560M Lecture 3 Prof. Patrick Crowley Plan for Today Announcements Readings are extremely important! No class meeting next Monday Questions Commentaries A few remaining

More information

SOEN228, Winter Revision 1.2 Date: October 25,

SOEN228, Winter Revision 1.2 Date: October 25, SOEN228, Winter 2003 Revision 1.2 Date: October 25, 2003 1 Contents Flags Mnemonics Basic I/O Exercises Overview of sample programs 2 Flag Register The flag register stores the condition flags that retain

More information

Chapter Two MIPS Arithmetic

Chapter Two MIPS Arithmetic Chapter Two MIPS Arithmetic Computer Organization Review Binary Representation Used for all data and instructions Fixed size values: 8, 16, 32, 64 Hexadecimal Sign extension Base and virtual machines.

More information

Digital Forensics Lecture 3 - Reverse Engineering

Digital Forensics Lecture 3 - Reverse Engineering Digital Forensics Lecture 3 - Reverse Engineering Low-Level Software Akbar S. Namin Texas Tech University Spring 2017 Reverse Engineering High-Level Software Low-level aspects of software are often the

More information

Disassembly of MC9S12 op codes Decimal, Hexadecimal and Binary Numbers

Disassembly of MC9S12 op codes Decimal, Hexadecimal and Binary Numbers Disassembly of MC9S12 op codes Decimal, Hexadecimal and Binary Numbers o How to disassemble an MC9S12 instruction sequence o Binary numbers are a code and represent what the programmer intends for the

More information

Disassembly of MC9S12 op codes Decimal, Hexadecimal and Binary Numbers

Disassembly of MC9S12 op codes Decimal, Hexadecimal and Binary Numbers Disassembly of MC9S12 op codes Decimal, Hexadecimal and Binary Numbers o How to disassemble an MC9S12 instruction sequence o Binary numbers are a code and represent what the programmer intends for the

More information

EMBEDDED SYSTEMS: Jonathan W. Valvano INTRODUCTION TO THE MSP432 MICROCONTROLLER. Volume 1 First Edition June 2015

EMBEDDED SYSTEMS: Jonathan W. Valvano INTRODUCTION TO THE MSP432 MICROCONTROLLER. Volume 1 First Edition June 2015 EMBEDDED SYSTEMS: INTRODUCTION TO THE MSP432 MICROCONTROLLER Volume 1 First Edition June 2015 Jonathan W. Valvano ii Jonathan Valvano First edition 3 rd printing June 2015 The true engineering experience

More information

New Syllabus Mathematics for 0-Level 1

New Syllabus Mathematics for 0-Level 1 New Syllabus Mathematics for 0-Level 1 New Syllabus Mathematics for 0-Level 1 New Syllabus Mathematics for 0-Level 2 New Syllabus Mathematics for 0-Levell Owen Perry, B.Sc., Head of Department of General

More information

Intel 8086 MICROPROCESSOR ARCHITECTURE

Intel 8086 MICROPROCESSOR ARCHITECTURE Intel 8086 MICROPROCESSOR ARCHITECTURE 1 Features It is a 16-bit μp. 8086 has a 20 bit address bus can access up to 2 20 memory locations (1 MB). It can support up to 64K I/O ports. It provides 14, 16

More information

94 CPU (CM8051) Incompatible Instruction ERRATA AND DATASHEET CLARIFICATION V1.0. Leader of Microcontroller Technology A Fabless Semiconductor Company

94 CPU (CM8051) Incompatible Instruction ERRATA AND DATASHEET CLARIFICATION V1.0. Leader of Microcontroller Technology A Fabless Semiconductor Company 94 CPU (CM8051) Incompatible Instruction ERRATA AND DATASHEET CLARIFICATION V1.0 Leader of Microcontroller Technology A Fabless Semiconductor Company Document information Info Keywords Abstract Content

More information

CPE 323 REVIEW DATA TYPES AND NUMBER REPRESENTATIONS IN MODERN COMPUTERS

CPE 323 REVIEW DATA TYPES AND NUMBER REPRESENTATIONS IN MODERN COMPUTERS CPE 323 REVIEW DATA TYPES AND NUMBER REPRESENTATIONS IN MODERN COMPUTERS Aleksandar Milenković The LaCASA Laboratory, ECE Department, The University of Alabama in Huntsville Email: milenka@uah.edu Web:

More information

Chapter 1. Microprocessor architecture ECE Dr. Mohamed Mahmoud.

Chapter 1. Microprocessor architecture ECE Dr. Mohamed Mahmoud. Chapter 1 Microprocessor architecture ECE 3130 Dr. Mohamed Mahmoud The slides are copyright protected. It is not permissible to use them without a permission from Dr Mahmoud http://www.cae.tntech.edu/~mmahmoud/

More information

CHETTINAD COLLEGE OF ENGINEERING AND TECHNOLOGY COMMUNICATION ENGINEERING REG 2008 TWO MARKS QUESTION AND ANSWERS

CHETTINAD COLLEGE OF ENGINEERING AND TECHNOLOGY COMMUNICATION ENGINEERING REG 2008 TWO MARKS QUESTION AND ANSWERS CHETTINAD COLLEGE OF ENGINEERING AND TECHNOLOGY B.E.,/B.TECH., ELECTRONICS EC6504 MICROPROCESSORS & MICRO CONTROLLERS COMMUNICATION ENGINEERING REG 2008 TWO MARKS QUESTION AND ANSWERS UNIT 1 AND 2 CS SUBJECT

More information

CPE 323 REVIEW DATA TYPES AND NUMBER REPRESENTATIONS IN MODERN COMPUTERS

CPE 323 REVIEW DATA TYPES AND NUMBER REPRESENTATIONS IN MODERN COMPUTERS CPE 323 REVIEW DATA TYPES AND NUMBER REPRESENTATIONS IN MODERN COMPUTERS Aleksandar Milenković The LaCASA Laboratory, ECE Department, The University of Alabama in Huntsville Email: milenka@uah.edu Web:

More information

Sample Exam I PAC II ANSWERS

Sample Exam I PAC II ANSWERS Sample Exam I PAC II ANSWERS Please answer questions 1 and 2 on this paper and put all other answers in the blue book. 1. True/False. Please circle the correct response. a. T In the C and assembly calling

More information

GLOBAL EDITION. Assembly Language. for x86 Processors SEVENTH EDITION. Kip R. Irvine

GLOBAL EDITION. Assembly Language. for x86 Processors SEVENTH EDITION. Kip R. Irvine GLOBAL EDITION Assembly Language for x86 Processors SEVENTH EDITION Kip R. Irvine Vice President and Editorial Director, ECS: Marcia Horton Executive Editor: Tracy Johnson Executive Marketing Manager:

More information

Low-Level Essentials for Understanding Security Problems Aurélien Francillon

Low-Level Essentials for Understanding Security Problems Aurélien Francillon Low-Level Essentials for Understanding Security Problems Aurélien Francillon francill@eurecom.fr Computer Architecture The modern computer architecture is based on Von Neumann Two main parts: CPU (Central

More information

Chapter 3. Z80 Instructions & Assembly Language. Von Neumann Architecture. Memory. instructions. program. data

Chapter 3. Z80 Instructions & Assembly Language. Von Neumann Architecture. Memory. instructions. program. data Von Neumann Architecture The von Neumann architecture is a computer design model that uses a processing unit and a separate storage to hold both instructions and data To run a machine, program and data

More information

Description of the Simulator

Description of the Simulator Description of the Simulator The simulator includes a small sub-set of the full instruction set normally found with this style of processor. It includes advanced instructions such as CALL, RET, INT and

More information

EEM336 Microprocessors I. Arithmetic and Logic Instructions

EEM336 Microprocessors I. Arithmetic and Logic Instructions EEM336 Microprocessors I Arithmetic and Logic Instructions Introduction We examine the arithmetic and logic instructions. The arithmetic instructions include addition, subtraction, multiplication, division,

More information

CNIT 127: Exploit Development. Ch 2: Stack Overflows in Linux

CNIT 127: Exploit Development. Ch 2: Stack Overflows in Linux CNIT 127: Exploit Development Ch 2: Stack Overflows in Linux Stack-based Buffer Overflows Most popular and best understood exploitation method Aleph One's "Smashing the Stack for Fun and Profit" (1996)

More information

Assembly Language Programming: Procedures. EECE416 uc. Charles Kim Howard University. Fall

Assembly Language Programming: Procedures. EECE416 uc. Charles Kim Howard University. Fall Assembly Language Programming: Procedures EECE416 uc Charles Kim Howard University Fall 2013 www.mwftr.com Before we start Schedule of the next few weeks T Nov 19: Procedure and Calls (continued) R Nov

More information

EXPERIMENT WRITE UP. LEARNING OBJECTIVES: 1. Get hands on experience with Assembly Language Programming 2. Write and debug programs in TASM/MASM

EXPERIMENT WRITE UP. LEARNING OBJECTIVES: 1. Get hands on experience with Assembly Language Programming 2. Write and debug programs in TASM/MASM EXPERIMENT WRITE UP AIM: Assembly language program for 16 bit BCD addition LEARNING OBJECTIVES: 1. Get hands on experience with Assembly Language Programming 2. Write and debug programs in TASM/MASM TOOLS/SOFTWARE

More information

GLOBAL EDITION. Assembly Language. for x86 Processors SEVENTH EDITION. Kip R. Irvine

GLOBAL EDITION. Assembly Language. for x86 Processors SEVENTH EDITION. Kip R. Irvine GLOBAL EDITION Assembly Language for x86 Processors SEVENTH EDITION Kip R. Irvine Vice President and Editorial Director, ECS: Marcia Horton Executive Editor: Tracy Johnson Executive Marketing Manager:

More information

Course Schedule. CS 221 Computer Architecture. Week 3: Plan. I. Hexadecimals and Character Representations. Hexadecimal Representation

Course Schedule. CS 221 Computer Architecture. Week 3: Plan. I. Hexadecimals and Character Representations. Hexadecimal Representation Course Schedule CS 221 Computer Architecture Week 3: Information Representation (2) Fall 2001 W1 Sep 11- Sep 14 Introduction W2 Sep 18- Sep 21 Information Representation (1) (Chapter 3) W3 Sep 25- Sep

More information

ALT-Assembly Language Tutorial

ALT-Assembly Language Tutorial ALT-Assembly Language Tutorial ASSEMBLY LANGUAGE TUTORIAL Let s Learn in New Look SHAIK BILAL AHMED i A B O U T T H E T U TO R I A L Assembly Programming Tutorial Assembly language is a low-level programming

More information

Expectations. Why learn Assembly Language? Administrative Issues. Assignments. CSC 3210 Computer Organization and Programming

Expectations. Why learn Assembly Language? Administrative Issues. Assignments. CSC 3210 Computer Organization and Programming CSC 3210 Computer Organization and Programming Introduction and Overview Dr. Anu Bourgeois (modified by Michael Weeks) Expectations Writing code with loops Base conversions Especially involving decimal

More information

Machine-level Representation of Programs. Jin-Soo Kim Computer Systems Laboratory Sungkyunkwan University

Machine-level Representation of Programs. Jin-Soo Kim Computer Systems Laboratory Sungkyunkwan University Machine-level Representation of Programs Jin-Soo Kim (jinsookim@skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu Program? 짬뽕라면 준비시간 :10 분, 조리시간 :10 분 재료라면 1개, 스프 1봉지, 오징어

More information

Lab 3. The Art of Assembly Language (II)

Lab 3. The Art of Assembly Language (II) Lab. The Art of Assembly Language (II) Dan Bruce, David Clark and Héctor D. Menéndez Department of Computer Science University College London October 2, 2017 License Creative Commons Share Alike Modified

More information

Islamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB. Lab # 7. Procedures and the Stack

Islamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB. Lab # 7. Procedures and the Stack Islamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB Lab # 7 Procedures and the Stack April, 2014 1 Assembly Language LAB Runtime Stack and Stack

More information