Assembly Ref

Assembly Ref

February 23, 2021

  • In computer org, data allocation happens on the stack (more limited, faster, more immediate actions) and heap (adaptable, slower, dynamic memory).

    • data segment for variables, code segment also

  • shellcode is asm instructions in hex code (architectures have shellcodes represent certain operations)

  • esp refers to the top of stack. ebp refers to the botom of the current stack frame. Memory grows downward (higher address is bottom of stack, lower address is top of stack)

  • push stack function is equivalent to a subtraction (moving downward in address to top of stack)

  • pop stack function is equivalent to addition (moving upward in address to top of stack)

  • fun fact: BSOD originates from a stackoverflow exception

  • stack vs heap

    • stack frame activated within function
    • frame pointer ebp gives local variables within stack frame (offset). Also helps to locate the return address
    • stack for memory size constant (string, int, also pointer to dynamic thing on heap)

  • sizes

    • word = 16 bits
    • register = dword

  • 32bit registers start with e, 64 bit start with r

  • abstractions:

    • if statements
      • je, jne

Addressing Modes

  • Immediate $val
  • Register %R
  • Direct 0xaddr
  • Indirect (%rax), Mem[%R]
  • Indirect displacement 8(%rax) = Mem[%rax + 8]

References