Questions tagged [assembly]

Assembly language is a low-level programming language whose instructions map almost 1-to-1 to a computer's machine code.

When analyzing an executable whose source code is unknown (e.g. the payload of an attack), the analyst can use a tool called a disassembler. A disassembler translates the machine code instructions (the numbers that form the unknown code) to assembly language, helping the analyst to better understand what the code is doing.

Below is a simple example of what assembly code looks like. Although assembly code looks quite cryptic, all the words are names or abbreviations. The example is for the x86 family of processors.

CLC               ; clear the carry flag
MOV  AX, 5        ; load the constant 5 into register AX
ADD  AX, [SI]     ; add the 16-bit value in memory at address SI to AX
MOV  [SI], AX     ; store the result back to memory at address SI
82 questions
31
votes
3 answers

Why can't reverse engineering be automated?

I am still in college for a Computer Security degree and took my first assembly language based class last semester. We touched upon the subject of reverse engineering and why it is an important part of fighting malware and ill-wished…
PositriesElectron
31
votes
4 answers

I feel like it's impossible to learn reverse engineering

I know how to use most of the tools in Kali like msfvenom and msfconsole and I can safely call myself a script kiddie. I learned the basics of C# and that helps me understand some of the things in C, but I still get easily lost. I know the basics…
Nikolay Atanasov
27
votes
2 answers

What does EIP stand for?

There are a ton of questions on here that make reference to the eip: How can I partially overwrite the EIP in order to bypass ASLR? Unable to overwrite EIP register Do I always have to overwrite EIP to get to write on the stack in a buffer…
Athena
21
votes
3 answers

Is it possible to write shellcode in C++?

Usually I write assembly programs and then dump their contents to get the shellcode. What I was wondering is whether I could write a C++ program instead of assembly, then dump and use that instead of the assembly?
John Doe
21
votes
4 answers

Processor microcode manipulation to change opcodes?

I had recently thought of an extreme way of implementing security by obscurity and wanted to ask you guys if it's possible. Would a person with no access to special processor documentation be able to change the CPU's microcode in order to obfuscate…
d33tah
17
votes
2 answers

How are code-branch side channel attacks mitigated on Java?

When you are working with secret keys, if your code branches unequally it could reveal bits of the secret keys via side channels. So for some algorithms it should branch uniformly independently of the secret key. On C/C++/Rust, you can use assembly…
Guerlando OCs
12
votes
1 answer

How to detect suspicious content in a TrueType Font (.ttf) font file

I got curious about how to scan or assess the risk of a particular font file before deploying it to hosts. First line of defense, of course, is to make sure that our hosts are patched against any TrueType font vulnerabilities. I read the excellent…
mcgyver5
10
votes
1 answer

Intel SGX and MSRs - what do developers need to know?

Intel SGX is an intriguing new technology that will ship as part of upcoming Intel processors. It is designed to enable running software in a secure enclave. Code running in the enclave will be isolated by the hardware from untrusted code running…
D.W.
9
votes
1 answer

Better way to import Win32 APIs from injected shellcode

I'm injecting native x86 code into a .NET application, via a TLS callback in the binary image. Unfortunately, .NET executables only import mscorlib.dll within the PE, and have kernel32.dll mapped automatically into the memory space at runtime. I…
Polynomial
7
votes
1 answer

Why would legitimate programs have a `jmp esp` instruction?

It appears that a common exploit trick is to use stack overflow to overwrite the instruction pointer such that it points to a jmp esp instruction somewhere in the code segment which then executes the arbitrary code of the attacker's choice. However,…
1110101001
7
votes
1 answer

ROP Programming/Exploitation on ARM - Gadget chain

Unfortunately, I cannot find this gadget in my libc.so. How can we reprogram this using different instructions: pop {r0, r1, r2, r3, pc} Which instructions will achieve the same? What gadgets I have to look for? It relates to this exploit # pivot…
dev
6
votes
1 answer

How to find stack pointer for overflow bug?

I've read that the stack usually starts at the same address, so the attacker may guess the starting point of the buffer to overflow. It is necessary to know this address to make the malicious code run. I made a program with a few lines of code to get the…
user2808671
6
votes
1 answer

Difference Between Binary Exploitation and Reverse Engineering?

I am a beginner in Reverse Engineering and am trying to improve my skill by participating in any CTF's I can and solving CrackMe's. I am trying to find out why Binary Exploitation and Reverse Engineering are always separated as two different…
bi0s.kidd0
6
votes
1 answer

Curious about Microsoft "Buffer Security Check" implementation

A very quick background to help you answer my questions: Learning IDA Interactive Disassembler, the old free edition (too expensive for a hobbyist) 15 years Linux Sysadmin & DBA experience Hobbyist coder (C/ASM/Fortran/...) Not very…
ker2x
5
votes
1 answer

Fuzzer causes crash. Now what?

Can anyone point me in the direction of some good tutorials regarding how to identify the type of vulnerability as reported by !exploitable and where to go from there? Essentially I've got myself a small fuzzing lab setup and I'm trying to broaden…
Stev0