DEV Community

Cover image for RE Week 2
pirateducky
pirateducky

Posted on • Updated on

RE Week 2

#hacking

This has been week #2 learning reverse engineering, this time I've gone over some basics:

  • The call stack
    • What is it? How does it work?
  • Assembly
    • Learning more about assembly x86
    • How does assembly work

Week #2 has been all about the stack and assembly. Going over the preparations section of the workshop, I went over the purpose of the stack as well as assembly:

What is the stack?

  • The stack is a data structure, it gets assigned an area of memory which it uses to store information about the executing program, it uses registers(storage areas, esp, ebp,eax, nop etc) to know what's executing by storing data & memory addresses, we can use instructions(actions we can perform using assembly language like push, pop, mov, jmp and more) to interact with the stack
  • The stack grows down to higher memory addresses, which also means the stack starts at lower memory addresses.
  • The stack keeps track of everything that happens when a program executes, it knows exactly what variables the program will use and which functions are running by using registers like ebp(which points to the base of the stack) and eip(which points to the next instruction to perform).

What is assembly?

  • Low-level programming language
  • Gets turned into machine language
  • Instruction set is used to write programs which use registers and instructions
    • some instructions include:
      • nop push pop mov add call ret
    • all instructions performs actions using registers
      • mov eax, [ebx]: move the 4 bytes in memory at the address contained in ebx into eax
    • instruction format
    • operation argument
    • operation argument, argument
      • mov eax, [ebp-8] square brackets acts as the de-reference operator in c so the mov instruction "moves" the value that's at ebp-8 and stores it inside eax [Intel Syntax]

x86 ASM

Next week: Going over some basic C, installing tools, trying some exercises

Resources

azeria-labs more about the stack
OALabs: youtube channel
Discord: resources, and community
Awesome RE: Github repo
ROP beginers: return-oriented programming (here for later reference)

Modern X86 ASM
x86 ASM

cover image
asm cheatsheet
x86 Intro

Top comments (0)

Read next

kappuccino111 profile image

PAPPL Scan API Bridging: GSoC 2024 Project Report πŸ–¨οΈπŸ§‘β€πŸ’»

Akarshan Kapoor -

artsborba profile image

Let’s make the web responsive with just one installation line? I’m looking for contributors!

Arthur Borba -

dotnetfullstackdev profile image

Underrated Key Features in C# ( AS, IS, NameOf, Pattern Matching)

DotNet Full Stack Dev -

kasir-barati profile image

How to configure TSC + Webpack + ESM for NodeJS

Mohammad Jawad (Kasir) Barati -