Secure coding

How to control the flow of a program in x86 assembly

February 17, 2021 by Srinivas

What does x86 assembly looks like?

X86 is an assembly language. It is also backward compatible. It is said to be compatible with systems going back 1972. Object codes can be created by x86 assembly language. The CPU using x86 is fed instructions called mnemonics. Compilers are used to create machine code from assembly code.  Mnemonics represent x86 assembly instructions to operating systems. Operands can be combined with mnemonics to create opcode. X86 is an 32-bit programming language. It works by sending assembler directives and instructions. Interestingly there are multiple assembly languages that are used to create x86 machine code. 

Assembly coded programs aren’t very large and because of that they work much faster and communicate with greater ease with the machine. Assembly language can also be called machine language. The central processing unit (CPU) requires its instructions in machine language. Assembly instructions require a code that doesn’t change. So, the assembly instruction allocates a mnemonic device to use a machine opcode. 

Examples of x86 assembly programming language

Registers are like bins and processors are organized with many registers where information can be stored. Keeping the processor organized is important work so registers are the most important pieces of the CPU, especially since they allow the processor to run faster since it doesn’t have to access outside memory. 

There are three types of registers: General Registers, which is used for data manipulation and storage of results, Status Registers, and Segment Registers, which stores the segment’s starting address. Most registers are either 8 or 16 bits. General register start with A, B, or D. When arithmetic operations are needed an AX Accumulator Register is used. When the base address is needed the BX Base Register is used. When loops need to be countered the CX Counter Register is used. When data is needed for functions DX Data Register is used. 

Status registers only have 16-bit parts. When handling string instructions is required DI Destination Index is used. When manipulating strings SI Source Index is used. When called by a subroutine a BP Base Pointer is used. When it’s indicated that the instruction is going to execute IP Instruction Pointer is used. When the last element in a stack is indicated SP Stack Pointer is used. 

Types of syntax used to write x86 assembly

Stacks hold data. They are a memory area. The last data in the stack leaves the stack first. It’s just like a stack of cookies, where in, if one tried to pull out the value from the bottom of the stack, it would topple the list, so doing that isn’t allowed. Push instructions decrements the Stack pointer. Pop instruction pop increments by loading data.

Flags show which instructions can be altered. Arithmetic instructions indicate the CF Carry Flag. When an even number of bits is in the operand PF Parity Flag is indicated. When an arithmetic carry is created a AF Auxiliary Flag indicates. When an operand shows zero ZF Zero flag is indicated. If a value is signed the SF Sign Flag is indicated. The CPU hardware interrupts if the IF Interrupt Flag indicates. The direction of movement in pointers is indicated by the DF Direction Flag. When overflows occur the Overflow Flag indicates. 

Conclusion

X86 assembly programs are fast, primarily because they are simple. By in large speed dependent programming is written in X86 assembly language. Assembly programs are also small and powerful. X86 assembly is also good for looking for back doors and viruses. The truly best feature of Assembly language is the fact that it speaks to computers in their own language. It gives the programmer a greater sense of control of the process. 

 

Sources

  1. /topic/x86-assembly-language-applicable-to-reverse-engineering-the-basics-part-1/
  2. /topic/x86-assembly-language-part-1/
  3. /topic/x86-assembly-reverse-engineering-part-2/
  4. /topic/x86-assembly-language-part-3-1/
  5. /topic/x86-assembly-language-part-3-2/
  6. /topic/x86-assembly-language-part-2/

 

Posted: February 17, 2021
Articles Author
Srinivas
View Profile

Srinivas is an Information Security professional with 4 years of industry experience in Web, Mobile and Infrastructure Penetration Testing. He is currently a security researcher at Infosec Institute Inc. He holds Offensive Security Certified Professional(OSCP) Certification. He blogs atwww.androidpentesting.com. Email: srini0x00@gmail.com