x64 Windows Debugging
|
|
- Terence Barber
- 6 years ago
- Views:
Transcription
1 x64 Windows Debugging Practical Foundations Dmitry Vostokov OpenTask
2 2 Published by OpenTask, Republic of Ireland Copyright 2009 by Dmitry Vostokov All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, without the prior written permission of the publisher. You must not circulate this book in any other binding or cover and you must impose the same condition on any acquirer. OpenTask books are available through booksellers and distributors worldwide. For further information or comments send requests to: press@opentask.com Microsoft, MSDN, Visual C++, Visual Studio, Win32, Windows, Windows Server and Windows Vista are registered trademarks of Microsoft Corporation. Other product and company names mentioned in this book may be trademarks of their owners. A CIP catalogue record for this book is available from the British Library. ISBN-13: (Paperback) First printing, 2009
3 Preface 3 Summary of Contents Preface Acknowledgements About the Author Chapter 1: Memory, Registers and Simple Arithmetic Chapter 2: Debug and Release Binaries Chapter 3: Number Representations Chapter 4: Pointers Chapter 5: Bytes, Words and Double Words Chapter 6: Pointers to Memory Chapter 7: Logical Instructions and EIP Chapter 8: Reconstructing a Program with Pointers Chapter 9: Memory and Stacks Chapter 10: Local Variables Chapter 11: Function Parameters Chapter 12: More Instructions Chapter 13: Function Pointer Parameters Chapter 14: Summary of Code Disassembly Patterns Index
4 4
5 Preface 5 Contents Preface Acknowledgements About the Author Chapter 1: Memory, Registers and Simple Arithmetic Memory and Registers inside an Idealized Computer Memory and Registers inside Intel 64-bit PC Arithmetic Project: Memory Layout and Registers Arithmetic Project: A Computer Program Arithmetic Project: Assigning Numbers to Memory Locations Assigning Numbers to Registers Arithmetic Project: Adding Numbers to Memory Cells Incrementing/Decrementing Numbers in Memory and Registers Multiplying Numbers Chapter 2: Debug and Release Binaries Arithmetic Project: C/C++ Program Downloading and Configuring WinDbg Debugger WinDbg Disassembly Output Debug Executable WinDbg Disassembly Output Release Executable Chapter 3: Number Representations Numbers and Their Representations Decimal Representation (Base Ten)... 46
6 6 Ternary Representation (Base Three) Binary Representation (Base Two) Hexadecimal Representation (Base Sixteen) Why Hexadecimals are used? Chapter 4: Pointers A Definition Pointers Project: Memory Layout and Registers Pointers Project: Calculations Using Pointers to Assign Numbers to Memory Cells Adding Numbers Using Pointers Multiplying Numbers Using Pointers Chapter 5: Bytes, Words and Double Words Using Hexadecimal Numbers Byte Granularity Bit Granularity Memory Layout Chapter 6: Pointers to Memory Pointers Revisited Addressing Types Registers Revisited NULL Pointers Invalid Pointers Variables as Pointers Pointer Initialization... 88
7 Preface 7 Note: Initialized and Uninitialized Data More Pseudo Notation MemoryPointers Project: Memory Layout Chapter 7: Logical Instructions and EIP Instruction Format Logical Shift Instructions Logical Operations Zeroing Memory or Registers Instruction Pointer Note: Code Section Chapter 8: Reconstructing a Program with Pointers Example of Disassembly Output: No Optimization Reconstructing C/C++ Code: Part Reconstructing C/C++ Code: Part Reconstructing C/C++ Code: Part Reconstructing C/C++ Code: C/C++ program Example of Disassembly Output: Optimized Program Chapter 9: Memory and Stacks Stack: A Definition Stack Implementation in Memory Things to Remember PUSH Instruction POP instruction Register Review
8 8 Application Memory Simplified Stack Overflow Jumps Calls Call Stack Exploring Stack in WinDbg Chapter 10: Local Variables Stack Usage Addressing Array Elements Stack Structure (No Function Parameters) Function Prolog Function Epilog Local Variables Project Disassembly of Optimized Executable (Release Configuration) Chapter 11: Function Parameters FunctionParameters Project Stack Structure Function Prolog and Epilog Project Disassembled Code with Comments Parameter Mismatch Problem Chapter 12: More Instructions CPU Flags Register The Fastest Way to Fill Memory Testing for
9 Preface 9 TEST - Logical Compare CMP Compare Two Operands TEST or CMP? Conditional Jumps The Structure of Registers Function Return Value Using Byte Registers Chapter 13: Function Pointer Parameters FunctionPointerParameters Project Commented Disassembly Chapter 14: Summary of Code Disassembly Patterns Function Prolog / Epilog Parameters and Local Variables LEA (Load Effective Address) Accessing Parameters and Local Variables Index
You must not circulate this book in any other binding or cover, and you must impose the same condition on any acquirer.
Published by OpenTask, Republic of Ireland Copyright 2016 by OpenTask Copyright 2016 by Software Diagnostics Services Copyright 2016 by Dmitry Vostokov All rights reserved. No part of this book may be
More informationEncyclopedia of Crash Dump Analysis Patterns
Encyclopedia of Crash Dump Analysis Patterns Detecting Abnormal Software Structure and Behavior in Computer Memory Dmitry Vostokov Software Diagnostics Institute OpenTask 2 Published by OpenTask, Republic
More informationMemory Dump Analysis Anthology
Memory Dump Analysis Anthology Volume 6 Dmitry Vostokov Software Diagnostics Institute OpenTask 2 Published by OpenTask, Republic of Ireland Copyright 2013 by Dmitry Vostokov Copyright 2015 by Software
More informationEncyclopedia of Crash Dump Analysis Patterns Second Edition
Encyclopedia of Crash Dump Analysis Patterns Second Edition Detecting Abnormal Software Structure and Behavior in Computer Memory Dmitry Vostokov Software Diagnostics Institute OpenTask 2 Published by
More informationCNIT 127: Exploit Development. Ch 1: Before you begin. Updated
CNIT 127: Exploit Development Ch 1: Before you begin Updated 1-14-16 Basic Concepts Vulnerability A flaw in a system that allows an attacker to do something the designer did not intend, such as Denial
More informationPractical Malware Analysis
Practical Malware Analysis Ch 4: A Crash Course in x86 Disassembly Revised 1-16-7 Basic Techniques Basic static analysis Looks at malware from the outside Basic dynamic analysis Only shows you how the
More informationAssembly Language Assembled for the Sinclair ZX81
Assembly Language Assembled for the Sinclair ZX81 Macmillan Computing Books Assembly Language Programming for the BBC Microcomputer Ian Birnbaum Advanced Programming for the 16K ZX81 Mike Costello Microprocessors
More informationProgram Exploitation Intro
Program Exploitation Intro x86 Assembly 04//2018 Security 1 Univeristà Ca Foscari, Venezia What is Program Exploitation "Making a program do something unexpected and not planned" The right bugs can be
More informationAddress Modes effective address
Address Modes The MARIE supports only three addressing modes: immediate, direct, and indirect. We are now going to discuss addressing modes in general. Most computers support quite a few of these modes.
More informationMidterm 1 topics (in one slide) Bits and bitwise operations. Outline. Unsigned and signed integers. Floating point numbers. Number representation
Midterm 1 topics (in one slide) CSci 2021: Review Lecture 1 Stephen McCamant University of Minnesota, Computer Science & Engineering Number representation Bits and bitwise operators Unsigned and signed
More informationCSE 351 Midterm - Winter 2015 Solutions
CSE 351 Midterm - Winter 2015 Solutions February 09, 2015 Please read through the entire examination first! We designed this exam so that it can be completed in 50 minutes and, hopefully, this estimate
More informationCHAPTER ASSEMBLY LANGUAGE PROGRAMMING
CHAPTER 2 8051 ASSEMBLY LANGUAGE PROGRAMMING Registers Register are used to store information temporarily: A byte of data to be processed An address pointing to the data to be fetched The vast majority
More informationIntroduction to C. Why C? Difference between Python and C C compiler stages Basic syntax in C
Final Review CS304 Introduction to C Why C? Difference between Python and C C compiler stages Basic syntax in C Pointers What is a pointer? declaration, &, dereference... Pointer & dynamic memory allocation
More informationCS356: Discussion #6 Assembly Procedures and Arrays. Marco Paolieri
CS356: Discussion #6 Assembly Procedures and Arrays Marco Paolieri (paolieri@usc.edu) Procedures Functions are a key abstraction in software They break down a problem into subproblems. Reusable functionality:
More informationThe CPU and Memory. How does a computer work? How does a computer interact with data? How are instructions performed? Recall schematic diagram:
The CPU and Memory How does a computer work? How does a computer interact with data? How are instructions performed? Recall schematic diagram: 1 Registers A register is a permanent storage location within
More informationInstruction Sets: Characteristics and Functions Addressing Modes
Instruction Sets: Characteristics and Functions Addressing Modes Chapters 10 and 11, William Stallings Computer Organization and Architecture 7 th Edition What is an Instruction Set? The complete collection
More informationDigital Electronics A Practical Approach with VHDL William Kleitz Ninth Edition
Digital Electronics A Practical Approach with VHDL William Kleitz Ninth Edition Pearson Education Limited Edinburgh Gate Harlow Essex CM20 2JE England and Associated Companies throughout the world Visit
More informationMitchell Adair January, 2014
Mitchell Adair January, 2014 Know Owen from our time at Sandia National Labs Currently work for Raytheon Founded UTDallas s Computer Security Group (CSG) in Spring 2010 Reversing, binary auditing, fuzzing,
More informationMemory Forensics. Presented at VolgaCTF, Russia Inter-Regional Inter-University Open Computer Security Contest
Memory Forensics Presented at VolgaCTF, Russia Inter-Regional Inter-University Open Computer Security Contest www.volgactf.ru Facebook LinkedIn Twitter Dmitry Vostokov Software Diagnostics Institute Forensics
More informationTutorial Letter 103/3/2012 Computer Organization COS2621 Semesters 1 & 2
COS2621/103/3/2012 Tutorial Letter 103/3/2012 Computer Organization COS2621 Semesters 1 & 2 School of Computing Solutions to self tests Bar code 2 Self-test A Question 1 Alternative 1 Which one of the
More informationCSC 2400: Computer Systems. Using the Stack for Function Calls
CSC 24: Computer Systems Using the Stack for Function Calls Lecture Goals Challenges of supporting functions! Providing information for the called function Function arguments and local variables! Allowing
More informationFacebook LinkedIn Twitter. Dmitry Vostokov Software Diagnostics Services
Facebook LinkedIn Twitter Dmitry Vostokov Software Diagnostics Services Prerequisites Working C or C++ knowledge Basic assembly language knowledge Audience Novices Learn x64 assembly language Experts Learn
More informationHUDSON VALLEY COMMUNITY COLLEGE TROY, NEW YORK COURSE OUTLINE
ACADEMIC YEAR 2017-2018 HUDSON VALLEY COMMUNITY COLLEGE TROY, NEW YORK COURSE OUTLINE COURSE TITLE: Assembly Language And Computer Architecture COURSE SUBJECT AND NUMBER: CISS 280 DEPARTMENT: Computing
More informationDr. Ramesh K. Karne Department of Computer and Information Sciences, Towson University, Towson, MD /12/2014 Slide 1
Dr. Ramesh K. Karne Department of Computer and Information Sciences, Towson University, Towson, MD 21252 rkarne@towson.edu 11/12/2014 Slide 1 Intel x86 Aseembly Language Assembly Language Assembly Language
More informationComputer Organization and Assembly Language. Lab Session 01
Objective: Lab Session 01 Introduction to Assembly Language Tools and Familiarization with Emu8086 environment To be able to understand Data Representation and perform conversions from one system to another
More informationCSE 351 Midterm - Winter 2015
CSE 351 Midterm - Winter 2015 February 09, 2015 Please read through the entire examination first! We designed this exam so that it can be completed in 50 minutes and, hopefully, this estimate will prove
More informationTutorial 1: Programming Model 1
Tutorial 1: Programming Model 1 Introduction Objectives At the end of this lab you should be able to: Use the CPU simulator to create basic CPU instructions Use the simulator to execute the basic CPU instructions
More informationComputer Organization CS 206 T Lec# 2: Instruction Sets
Computer Organization CS 206 T Lec# 2: Instruction Sets Topics What is an instruction set Elements of instruction Instruction Format Instruction types Types of operations Types of operand Addressing mode
More informationJNTUWORLD. 1. Discuss in detail inter processor arbitration logics and procedures with necessary diagrams? [15]
Code No: 09A50402 R09 Set No. 2 1. Discuss in detail inter processor arbitration logics and procedures with necessary diagrams? [15] 2. (a) Discuss asynchronous serial transfer concept? (b) Explain in
More informationReverse Engineering Low Level Software. CS5375 Software Reverse Engineering Dr. Jaime C. Acosta
1 Reverse Engineering Low Level Software CS5375 Software Reverse Engineering Dr. Jaime C. Acosta Machine code 2 3 Machine code Assembly compile Machine Code disassemble 4 Machine code Assembly compile
More informationQ. P. Code : b. Draw and explain the block dig of a computer with microprocessor as CPU.
Q. P. Code : 08235 (2½ Hours) [Total Marks: 75] N. B.: (1) All questions are compulsory. (2) Make suitable assumptions wherever necessary and state the assumptions made. (3) Answers to the same question
More informationSPRING TERM BM 310E MICROPROCESSORS LABORATORY PRELIMINARY STUDY
BACKGROUND 8086 CPU has 8 general purpose registers listed below: AX - the accumulator register (divided into AH / AL): 1. Generates shortest machine code 2. Arithmetic, logic and data transfer 3. One
More informationWe can study computer architectures by starting with the basic building blocks. Adders, decoders, multiplexors, flip-flops, registers,...
COMPUTER ARCHITECTURE II: MICROPROCESSOR PROGRAMMING We can study computer architectures by starting with the basic building blocks Transistors and logic gates To build more complex circuits Adders, decoders,
More informationUW CSE 351, Winter 2013 Midterm Exam
Full Name: Student ID: UW CSE 351, Winter 2013 Midterm Exam February 15, 2013 Instructions: Make sure that your exam is not missing any of the 9 pages, then write your full name and UW student ID on the
More informationMicroprocessor and Assembly Language Week-5. System Programming, BCS 6th, IBMS (2017)
Microprocessor and Assembly Language Week-5 System Programming, BCS 6th, IBMS (2017) High Speed Memory Registers CPU store data temporarily in these location CPU process, store and transfer data from one
More informationWilliam Stallings Computer Organization and Architecture 8 th Edition. Chapter 11 Instruction Sets: Addressing Modes and Formats
William Stallings Computer Organization and Architecture 8 th Edition Chapter 11 Instruction Sets: Addressing Modes and Formats Addressing Modes Immediate Direct Indirect Register Register Indirect Displacement
More informationProgramming Model 2 A. Introduction
Programming Model 2 A. Introduction Objectives At the end of this lab you should be able to: Use direct and indirect addressing modes of accessing data in memory Create an iterative loop of instructions
More informationIA-32 CSE 5302 Spring 2011 Ngoc Tam Tran
IA-32 CSE 5302 Spring 2011 Ngoc Tam Tran 3/3/2011 1 Overview IA-32(Intel Architecture 32-bit) CISC Architecture Many instructions sets 3/3/2011 2 Registers 16 basic program execution registers for use
More informationNumber System. Introduction. Decimal Numbers
Number System Introduction Number systems provide the basis for all operations in information processing systems. In a number system the information is divided into a group of symbols; for example, 26
More informationCS401 - Computer Architecture and Assembly Language Programming Glossary By
CS401 - Computer Architecture and Assembly Language Programming Glossary By absolute address : A virtual (not physical) address within the process address space that is computed as an absolute number.
More informationOperations On Data CHAPTER 4. (Solutions to Odd-Numbered Problems) Review Questions
CHAPTER 4 Operations On Data (Solutions to Odd-Numbered Problems) Review Questions 1. Arithmetic operations interpret bit patterns as numbers. Logical operations interpret each bit as a logical values
More informationComputer Systems A Programmer s Perspective 1 (Beta Draft)
Computer Systems A Programmer s Perspective 1 (Beta Draft) Randal E. Bryant David R. O Hallaron August 1, 2001 1 Copyright c 2001, R. E. Bryant, D. R. O Hallaron. All rights reserved. 2 Contents Preface
More information3.1 DATA MOVEMENT INSTRUCTIONS 45
3.1.1 General-Purpose Data Movement s 45 3.1.2 Stack Manipulation... 46 3.1.3 Type Conversion... 48 3.2.1 Addition and Subtraction... 51 3.1 DATA MOVEMENT INSTRUCTIONS 45 MOV (Move) transfers a byte, word,
More informationRegisters. Registers
All computers have some registers visible at the ISA level. They are there to control execution of the program hold temporary results visible at the microarchitecture level, such as the Top Of Stack (TOS)
More informationBetriebssysteme und Sicherheit Sicherheit. Buffer Overflows
Betriebssysteme und Sicherheit Sicherheit Buffer Overflows Software Vulnerabilities Implementation error Input validation Attacker-supplied input can lead to Corruption Code execution... Even remote exploitation
More informationCS412/CS413. Introduction to Compilers Tim Teitelbaum. Lecture 21: Generating Pentium Code 10 March 08
CS412/CS413 Introduction to Compilers Tim Teitelbaum Lecture 21: Generating Pentium Code 10 March 08 CS 412/413 Spring 2008 Introduction to Compilers 1 Simple Code Generation Three-address code makes it
More informationWhen an instruction is initially read from memory it goes to the Instruction register.
CS 320 Ch. 12 Instruction Sets Computer instructions are written in mnemonics. Mnemonics typically have a 1 to 1 correspondence between a mnemonic and the machine code. Mnemonics are the assembly language
More informationIslamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB
Islamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB Lab # 9 Integer Arithmetic and Bit Manipulation April, 2014 1 Assembly Language LAB Bitwise
More information3.0 Instruction Set. 3.1 Overview
3.0 Instruction Set 3.1 Overview There are 16 different P8 instructions. Research on instruction set usage was the basis for instruction selection. Each instruction has at least two addressing modes, with
More informationAssembly Language for Intel-Based Computers, 4 th Edition
Assembly Language for Intel-Based Computers, 4 th Edition Kip R. Irvine Chapter 5: Procedures Lecture 18 Linking to External Library The Book s Link Library Stack Operations Slides prepared by Kip R. Irvine
More informationIntroduction to Reverse Engineering. Alan Padilla, Ricardo Alanis, Stephen Ballenger, Luke Castro, Jake Rawlins
Introduction to Reverse Engineering Alan Padilla, Ricardo Alanis, Stephen Ballenger, Luke Castro, Jake Rawlins Reverse Engineering (of Software) What is it? What is it for? Binary exploitation (the cool
More informationProject 3: RPN Calculator
ECE267 @ UIC, Spring 2012, Wenjing Rao Project 3: RPN Calculator What to do: Ask the user to input a string of expression in RPN form (+ - * / ), use a stack to evaluate the result and display the result
More informationTYPES OF INTERRUPTS: -
There are 3 types of interrupts. TYPES OF INTERRUPTS: - External Interrupts. Internal Interrupts. Software interrupts. Hardware Interrupts (1) External interrupts come from I/O devices, from a timing device
More informationUnderstanding and Writing Compilers
Understanding and Writing Compilers Macmillan Computer Science Series Consulting Editor Professor F. H. Sumner, University of Manchester G. M. Birtwistle, Discrete Event Modelling on Simula Richard Bornat,
More informationComputer Architecture /
Computer Architecture 02-201 / 02-601 The Conceptual Architecture of a Computer PC CPU register 0 register 1 register 2 registers hold small amounts of data for processing by the CPU Reading / writing
More informationComputer Systems Lecture 9
Computer Systems Lecture 9 CPU Registers in x86 CPU status flags EFLAG: The Flag register holds the CPU status flags The status flags are separate bits in EFLAG where information on important conditions
More informationCSE 351: The Hardware/Software Interface. Section 2 Integer representations, two s complement, and bitwise operators
CSE 351: The Hardware/Software Interface Section 2 Integer representations, two s complement, and bitwise operators Integer representations In addition to decimal notation, it s important to be able to
More informationRECURSIVE FUNCTIONS ON STACK
Debugging with Visual Studio & GDB OCTOBER 31, 2015 BY CSC 342 FALL 2015 Prof. IZIDOR GERTNER 1 Table of contents 1. Objective... pg. 2 2. Overview... pg. 3 3. Microsoft s Visual Studio Debugger... pg.
More informationIt is possible to define a number using a character or multiple numbers (see instruction DB) by using a string.
1 od 5 17. 12. 2017 23:53 (https://github.com/schweigi/assembler-simulator) Introduction This simulator provides a simplified assembler syntax (based on NASM (http://www.nasm.us)) and is simulating a x86
More information1.1 For Fun and Profit. 1.2 Common Techniques. My Preferred Techniques
1 Bug Hunting Bug hunting is the process of finding bugs in software or hardware. In this book, however, the term bug hunting will be used specifically to describe the process of finding security-critical
More informationCS401 Assembly Language Solved Subjective MAY 03,2012 From Midterm Papers. MC
CS401 Assembly Language Solved Subjective MAY 03,2012 From Midterm Papers MC100401285 Moaaz.pk@gmail.com Mc100401285@gmail.com PSMD01 MIDTERM FALL 2011 CS401 Assembly Language Q: Affected flag of AND operation
More informationCSE 351 Midterm - Winter 2017
CSE 351 Midterm - Winter 2017 February 08, 2017 Please read through the entire examination first, and make sure you write your name and NetID on all pages! We designed this exam so that it can be completed
More informationCPS104 Recitation: Assembly Programming
CPS104 Recitation: Assembly Programming Alexandru Duțu 1 Facts OS kernel and embedded software engineers use assembly for some parts of their code some OSes had their entire GUIs written in assembly in
More informationComputer Architecture and System Software Lecture 06: Assembly Language Programming
Computer Architecture and System Software Lecture 06: Assembly Language Programming Instructor: Rob Bergen Applied Computer Science University of Winnipeg Announcements Assignment 3 due thursday Midterm
More information8086 INTERNAL ARCHITECTURE
8086 INTERNAL ARCHITECTURE Segment 2 Intel 8086 Microprocessor The 8086 CPU is divided into two independent functional parts: a) The Bus interface unit (BIU) b) Execution Unit (EU) Dividing the work between
More informationCSIS1120A. 10. Instruction Set & Addressing Mode. CSIS1120A 10. Instruction Set & Addressing Mode 1
CSIS1120A 10. Instruction Set & Addressing Mode CSIS1120A 10. Instruction Set & Addressing Mode 1 Elements of a Machine Instruction Operation Code specifies the operation to be performed, e.g. ADD, SUB
More informationCo-processor Math Processor. Richa Upadhyay Prabhu. NMIMS s MPSTME February 9, 2016
8087 Math Processor Richa Upadhyay Prabhu NMIMS s MPSTME richa.upadhyay@nmims.edu February 9, 2016 Introduction Need of Math Processor: In application where fast calculation is required Also where there
More informationSigned Multiplication Multiply the positives Negate result if signs of operand are different
Another Improvement Save on space: Put multiplier in product saves on speed: only single shift needed Figure: Improved hardware for multiplication Signed Multiplication Multiply the positives Negate result
More informationName: CMSC 313 Fall 2001 Computer Organization & Assembly Language Programming Exam 1. Question Points I. /34 II. /30 III.
CMSC 313 Fall 2001 Computer Organization & Assembly Language Programming Exam 1 Name: Question Points I. /34 II. /30 III. /36 TOTAL: /100 Instructions: 1. This is a closed-book, closed-notes exam. 2. You
More informationAddressing Modes on the x86
Addressing Modes on the x86 register addressing mode mov ax, ax, mov ax, bx mov ax, cx mov ax, dx constant addressing mode mov ax, 25 mov bx, 195 mov cx, 2056 mov dx, 1000 accessing data in memory There
More informationComputer Systems Architecture I. CSE 560M Lecture 3 Prof. Patrick Crowley
Computer Systems Architecture I CSE 560M Lecture 3 Prof. Patrick Crowley Plan for Today Announcements Readings are extremely important! No class meeting next Monday Questions Commentaries A few remaining
More informationSOEN228, Winter Revision 1.2 Date: October 25,
SOEN228, Winter 2003 Revision 1.2 Date: October 25, 2003 1 Contents Flags Mnemonics Basic I/O Exercises Overview of sample programs 2 Flag Register The flag register stores the condition flags that retain
More informationChapter Two MIPS Arithmetic
Chapter Two MIPS Arithmetic Computer Organization Review Binary Representation Used for all data and instructions Fixed size values: 8, 16, 32, 64 Hexadecimal Sign extension Base and virtual machines.
More informationDigital Forensics Lecture 3 - Reverse Engineering
Digital Forensics Lecture 3 - Reverse Engineering Low-Level Software Akbar S. Namin Texas Tech University Spring 2017 Reverse Engineering High-Level Software Low-level aspects of software are often the
More informationDisassembly of MC9S12 op codes Decimal, Hexadecimal and Binary Numbers
Disassembly of MC9S12 op codes Decimal, Hexadecimal and Binary Numbers o How to disassemble an MC9S12 instruction sequence o Binary numbers are a code and represent what the programmer intends for the
More informationDisassembly of MC9S12 op codes Decimal, Hexadecimal and Binary Numbers
Disassembly of MC9S12 op codes Decimal, Hexadecimal and Binary Numbers o How to disassemble an MC9S12 instruction sequence o Binary numbers are a code and represent what the programmer intends for the
More informationEMBEDDED SYSTEMS: Jonathan W. Valvano INTRODUCTION TO THE MSP432 MICROCONTROLLER. Volume 1 First Edition June 2015
EMBEDDED SYSTEMS: INTRODUCTION TO THE MSP432 MICROCONTROLLER Volume 1 First Edition June 2015 Jonathan W. Valvano ii Jonathan Valvano First edition 3 rd printing June 2015 The true engineering experience
More informationNew Syllabus Mathematics for 0-Level 1
New Syllabus Mathematics for 0-Level 1 New Syllabus Mathematics for 0-Level 1 New Syllabus Mathematics for 0-Level 2 New Syllabus Mathematics for 0-Levell Owen Perry, B.Sc., Head of Department of General
More informationIntel 8086 MICROPROCESSOR ARCHITECTURE
Intel 8086 MICROPROCESSOR ARCHITECTURE 1 Features It is a 16-bit μp. 8086 has a 20 bit address bus can access up to 2 20 memory locations (1 MB). It can support up to 64K I/O ports. It provides 14, 16
More information94 CPU (CM8051) Incompatible Instruction ERRATA AND DATASHEET CLARIFICATION V1.0. Leader of Microcontroller Technology A Fabless Semiconductor Company
94 CPU (CM8051) Incompatible Instruction ERRATA AND DATASHEET CLARIFICATION V1.0 Leader of Microcontroller Technology A Fabless Semiconductor Company Document information Info Keywords Abstract Content
More informationCPE 323 REVIEW DATA TYPES AND NUMBER REPRESENTATIONS IN MODERN COMPUTERS
CPE 323 REVIEW DATA TYPES AND NUMBER REPRESENTATIONS IN MODERN COMPUTERS Aleksandar Milenković The LaCASA Laboratory, ECE Department, The University of Alabama in Huntsville Email: milenka@uah.edu Web:
More informationChapter 1. Microprocessor architecture ECE Dr. Mohamed Mahmoud.
Chapter 1 Microprocessor architecture ECE 3130 Dr. Mohamed Mahmoud The slides are copyright protected. It is not permissible to use them without a permission from Dr Mahmoud http://www.cae.tntech.edu/~mmahmoud/
More informationCHETTINAD COLLEGE OF ENGINEERING AND TECHNOLOGY COMMUNICATION ENGINEERING REG 2008 TWO MARKS QUESTION AND ANSWERS
CHETTINAD COLLEGE OF ENGINEERING AND TECHNOLOGY B.E.,/B.TECH., ELECTRONICS EC6504 MICROPROCESSORS & MICRO CONTROLLERS COMMUNICATION ENGINEERING REG 2008 TWO MARKS QUESTION AND ANSWERS UNIT 1 AND 2 CS SUBJECT
More informationCPE 323 REVIEW DATA TYPES AND NUMBER REPRESENTATIONS IN MODERN COMPUTERS
CPE 323 REVIEW DATA TYPES AND NUMBER REPRESENTATIONS IN MODERN COMPUTERS Aleksandar Milenković The LaCASA Laboratory, ECE Department, The University of Alabama in Huntsville Email: milenka@uah.edu Web:
More informationSample Exam I PAC II ANSWERS
Sample Exam I PAC II ANSWERS Please answer questions 1 and 2 on this paper and put all other answers in the blue book. 1. True/False. Please circle the correct response. a. T In the C and assembly calling
More informationGLOBAL EDITION. Assembly Language. for x86 Processors SEVENTH EDITION. Kip R. Irvine
GLOBAL EDITION Assembly Language for x86 Processors SEVENTH EDITION Kip R. Irvine Vice President and Editorial Director, ECS: Marcia Horton Executive Editor: Tracy Johnson Executive Marketing Manager:
More informationLow-Level Essentials for Understanding Security Problems Aurélien Francillon
Low-Level Essentials for Understanding Security Problems Aurélien Francillon francill@eurecom.fr Computer Architecture The modern computer architecture is based on Von Neumann Two main parts: CPU (Central
More informationChapter 3. Z80 Instructions & Assembly Language. Von Neumann Architecture. Memory. instructions. program. data
Von Neumann Architecture The von Neumann architecture is a computer design model that uses a processing unit and a separate storage to hold both instructions and data To run a machine, program and data
More informationDescription of the Simulator
Description of the Simulator The simulator includes a small sub-set of the full instruction set normally found with this style of processor. It includes advanced instructions such as CALL, RET, INT and
More informationEEM336 Microprocessors I. Arithmetic and Logic Instructions
EEM336 Microprocessors I Arithmetic and Logic Instructions Introduction We examine the arithmetic and logic instructions. The arithmetic instructions include addition, subtraction, multiplication, division,
More informationCNIT 127: Exploit Development. Ch 2: Stack Overflows in Linux
CNIT 127: Exploit Development Ch 2: Stack Overflows in Linux Stack-based Buffer Overflows Most popular and best understood exploitation method Aleph One's "Smashing the Stack for Fun and Profit" (1996)
More informationAssembly Language Programming: Procedures. EECE416 uc. Charles Kim Howard University. Fall
Assembly Language Programming: Procedures EECE416 uc Charles Kim Howard University Fall 2013 www.mwftr.com Before we start Schedule of the next few weeks T Nov 19: Procedure and Calls (continued) R Nov
More informationEXPERIMENT WRITE UP. LEARNING OBJECTIVES: 1. Get hands on experience with Assembly Language Programming 2. Write and debug programs in TASM/MASM
EXPERIMENT WRITE UP AIM: Assembly language program for 16 bit BCD addition LEARNING OBJECTIVES: 1. Get hands on experience with Assembly Language Programming 2. Write and debug programs in TASM/MASM TOOLS/SOFTWARE
More informationGLOBAL EDITION. Assembly Language. for x86 Processors SEVENTH EDITION. Kip R. Irvine
GLOBAL EDITION Assembly Language for x86 Processors SEVENTH EDITION Kip R. Irvine Vice President and Editorial Director, ECS: Marcia Horton Executive Editor: Tracy Johnson Executive Marketing Manager:
More informationCourse Schedule. CS 221 Computer Architecture. Week 3: Plan. I. Hexadecimals and Character Representations. Hexadecimal Representation
Course Schedule CS 221 Computer Architecture Week 3: Information Representation (2) Fall 2001 W1 Sep 11- Sep 14 Introduction W2 Sep 18- Sep 21 Information Representation (1) (Chapter 3) W3 Sep 25- Sep
More informationALT-Assembly Language Tutorial
ALT-Assembly Language Tutorial ASSEMBLY LANGUAGE TUTORIAL Let s Learn in New Look SHAIK BILAL AHMED i A B O U T T H E T U TO R I A L Assembly Programming Tutorial Assembly language is a low-level programming
More informationExpectations. Why learn Assembly Language? Administrative Issues. Assignments. CSC 3210 Computer Organization and Programming
CSC 3210 Computer Organization and Programming Introduction and Overview Dr. Anu Bourgeois (modified by Michael Weeks) Expectations Writing code with loops Base conversions Especially involving decimal
More informationMachine-level Representation of Programs. Jin-Soo Kim Computer Systems Laboratory Sungkyunkwan University
Machine-level Representation of Programs Jin-Soo Kim (jinsookim@skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu Program? 짬뽕라면 준비시간 :10 분, 조리시간 :10 분 재료라면 1개, 스프 1봉지, 오징어
More informationLab 3. The Art of Assembly Language (II)
Lab. The Art of Assembly Language (II) Dan Bruce, David Clark and Héctor D. Menéndez Department of Computer Science University College London October 2, 2017 License Creative Commons Share Alike Modified
More informationIslamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB. Lab # 7. Procedures and the Stack
Islamic University Gaza Engineering Faculty Department of Computer Engineering ECOM 2125: Assembly Language LAB Lab # 7 Procedures and the Stack April, 2014 1 Assembly Language LAB Runtime Stack and Stack
More information