ASM Snippets

Some snippets based on ASM and binary exploitation.

Hex


Hex values are written with a 0x prefix or an h suffix. The digits 0 to f represent the decimal values 0 to 15:

Hex Decimal
0 0
1 1
2 2
3 3
4 4
5 5
6 6
7 7
8 8
9 9
a 10
b 11
c 12
d 13
e 14
f 15

Datatypes


  • 8-bit (1 byte) = char (or BYTE)
    • In hex, can be 0x00 to 0xFF
  • 16-bit (2 bytes) = short int (often referred to as a WORD)
    • In hex, can be 0x0000 to 0xFFFF
  • 32-bit (4 bytes) = long int (often referred to as a DWORD or double-WORD)
    • In hex, can be 0x00000000 to 0xFFFFFFFF
  • 64-bit (8 bytes) = long long (often referred to as a QWORD or quad-WORD)
    • In hex, can be from 0x0000000000000000 to 0xFFFFFFFFFFFFFFFF

Registers


  • Volatile: ecx, edx
  • Non-Volatile: ebx, esi, edi, ebp
  • Special: eax, esp

eax - Primary Accumulator - used in I/O and most arithmetic
ebx - Base Register - can be used in indexed addressing
ecx - Count Register - stores the loop count in iterative operations
edx - Data Register - also used in I/O, alongside ax/dx for multiply and divide operations
ebp - Extended Base Pointer - points to the beginning of the local environment for a function
esi - Extended Source Index - holds the data source offset in an operation using a memory block
edi - Extended Destination Index - holds the destination data offset in an operation using a memory block
esp - Extended Stack Pointer - points to the top of the stack
eip - Extended Instruction Pointer - points to the address of the next instruction to be executed

64-bit register   Lower 32 bits   Lower 16 bits   Lower 8 bits
rax               eax             ax              al
rbx               ebx             bx              bl
rcx               ecx             cx              cl
rdx               edx             dx              dl
rsi               esi             si              sil
rdi               edi             di              dil
rbp               ebp             bp              bpl
rsp               esp             sp              spl
r8                r8d             r8w             r8b
r9                r9d             r9w             r9b
r10               r10d            r10w            r10b
r11               r11d            r11w            r11b
r12               r12d            r12w            r12b
r13               r13d            r13w            r13b
r14               r14d            r14w            r14b
r15               r15d            r15w            r15b
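
The names in each row of the table alias the same physical register. The following C model is an added example, not code from the original page; it goes one step beyond the table by also showing the x86-64 write rule (a 32-bit write zero-extends into the full register, while 16- and 8-bit writes keep the upper bits). The type gpr_t and the read*/write*/show helpers are hypothetical names made up for this illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model of one 64-bit register (think rax) and the narrower
 * names from the table: eax (low 32), ax (low 16), al (low 8). */
typedef struct { uint64_t r; } gpr_t;

/* Reads: a narrower name is simply the low bits of the same register. */
static uint32_t read32(const gpr_t *g) { return (uint32_t)g->r; } /* eax */
static uint16_t read16(const gpr_t *g) { return (uint16_t)g->r; } /* ax  */
static uint8_t  read8(const gpr_t *g)  { return (uint8_t)g->r; }  /* al  */

/* Writes follow the x86-64 rule: a 32-bit write zero-extends into the
 * full register; 16- and 8-bit writes leave the upper bits untouched. */
static void write64(gpr_t *g, uint64_t v) { g->r = v; }
static void write32(gpr_t *g, uint32_t v) { g->r = v; }
static void write16(gpr_t *g, uint16_t v) { g->r = (g->r & ~0xFFFFULL) | v; }
static void write8(gpr_t *g, uint8_t v)   { g->r = (g->r & ~0xFFULL) | v; }

/* Print the full register and every narrower view of it. */
static void show(const char *step, const gpr_t *g) {
    printf("%-22s rax=%016llx eax=%08x ax=%04x al=%02x\n", step,
           (unsigned long long)g->r, (unsigned)read32(g),
           (unsigned)read16(g), (unsigned)read8(g));
}

int main(void) {
    gpr_t rax;
    /* Constructed sample values, chosen so each byte is recognisable. */
    write64(&rax, 0x1122334455667788ULL); show("mov rax, imm64", &rax);
    write8(&rax, 0xAA);                   show("mov al, 0xaa", &rax);
    write16(&rax, 0xBBBB);                show("mov ax, 0xbbbb", &rax);
    write32(&rax, 0xCCCCCCCCu);           show("mov eax, 0xcccccccc", &rax);
    return 0;
}
```

The last step is the one that matters when reading disassembly: after a write to eax, the upper half of rax is zero, so stale high bits cannot survive a 32-bit move.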

Memory Segments


  • Environment/Arguments - stores a copy of system-level variables that may be needed by the process during runtime
  • Stack - keeps track of function calls (recursively) and grows from the higher-addressed memory to the lower-addressed memory (usually)
  • Heap - stores dynamically allocated variables and grows from the lower-addressed memory to the higher-addressed memory (allocation controlled through malloc() and free())
  • .bss - stores global uninitialised variables (int a;)
  • .data - stores global initialised variables (int a = 0;)
  • .text - actual code