Description: This is Part 5 of the "Assembly Language Primer for Hackers" video series. Please begin with Part 1 if you have not already done so. In this video we go through an in-depth primer on the data types used in assembly. We do a live demo on how to look at data in memory using GDB for the .ascii, .int, .short and .float (.data) types and the .comm and .lcomm (.bss) types.

Please download the VariableDemo.s code before you begin the tutorial.

Part 6 of the Assembly Language Primer for Hackers is available here. Enjoy!
Tags: programming
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
Awesome vid! I've been learning so much from these!
Thanks! Please let me know if you have any feedback and any request for other topics in this series.
You are really great sir, I am learning from your videos very much. Can you please make a megaprimer about the backtrack O.S & their tools?
These are just great.
Really enjoying the videos, thanks for the hard work.
Those videos are perfect. Thank you very much for taking the time to make them, I have learned a lot from them! I just have one question :). In this video (5th) you ask why the float number is not displayed as expected. I guess it has to do with it being a single precision floating point number, but I do not completely understand this. So could you please give me a tip or something, since I am new to all this and Wikipedia confused me a bit! Thanks in advance, and again really appreciated work man.
Polynomial: floating points aren't precise if you're using small ones
Polynomial: single is a 32-bit float
Polynomial: double is a 64-bit float
Polynomial: though asm doesn't distinguish data types anyway
Polynomial: it'll store the closest approximation of the data
Polynomial: 10.2299995 is only 0.0000005 away from your actual value, a total of only 0.00000489% error
Polynomial: anyhoo
Polynomial: see http://en.wikipedia.org/wiki/Floating_point#Internal_representation
(20:52:14) Polynomial: there are also ways to do arbitrary precision float operations
Polynomial: but they're complicated in assembly
Polynomial: essentially you treat your exponent bias as a few orders of magnitude lower and calculate the further precision
Polynomial: erm, orders of magnitude higher*
Polynomial: so for example 0.000001 is treated as 1
Polynomial: then you re-calculate your math
Polynomial: and lower magnitude again
Polynomial: and re-interpret your result
Polynomial: and repeat for further precision
Love you man, thanks a lot.
Vivek you SUCK!!
Just kidding. Another perfect video. Thanks a lot! :)
Always nice. I would like to request you to put subtitles in your videos. It will ease the understanding for people who are not experts in English (like me :|)
Keep up the great work! Bye
Vivek great tutorial!
One question though, why didn't you set the breakpoint with the line number, like Break 33..
Why use Break *_start+1?
Once again, thank you for making these super tuts! Hope you'll make more!
I was wondering that too (the *_start+1).
Thanks for another great video.
These are really good.. thanks, keep up the good work..
Great series of videos thanks, and thanks for the site
Oh, I also wanted to ask what the nop keyword on the first line of _start is for, cheers
Very nice video again. I really like the way you do these vids, and I actually learn more than at school computer science heheh. You might wanna say . as DOT and not DART or something haha :D love your accent though!
balder, NOP keyword is a command that performs "no operation", it essentially wastes a cpu cycle. You will likely see more about nops in later videos as they become very important in bypassing address space randomization :-)
Yeah, ironic I know...
As usual, great info. Learning incredible amounts. There is not enough room to say how appreciated this info is.
Thanks, great info!
@Vivek: Very good work so far. I'm learning a lot and the way you present it gives me motivation to continue and experiment on my own. Thanks a lot for your effort.
@sekstiseks: I'm not very sure but that's the most logical explanation for me:
the command "break *_start+1" sets a break-point to the second instruction (line 33) in the _start section. The first instruction is nop in line 30 and you can set a break-point by typing "break *_start".
The asterisk (*) is used to match anything that comes before the _start section (in this case the empty space).
I hope that helps
Excellent job. Thanks so much for these.
thank you
Thank you and I really appreciate your effort..!
As always! Another great movie! Thank you Vivek!
wonderful vivek.
another awesome video.
mind blowing.
i learned a lot from these videos.
thanks vivek.
Once again this video series is awesome, and this video is no exception. Awesome work!
Just give me a link to the other tutorials which you have uploaded. Really, you are a great mentor.
thanks again.
these videos are great man, thanks for this site and these videos. I never felt comfortable with understanding the fundamentals of exploits until I stumbled across this site.
About the *_start+1 thing:
the * actually means a pointer in this case, not a search wildcard. I found this out by trying to insert a break point in a program at main+1, which returned an error from gdb. Instead you have to insert the break point at *main+1, because then it understands you are pointing to a location.
btw, in addition you can use &HelloWorld to refer to the address of the HelloWorld string.
great... nice work
Thanks so much Vivek :) i hope to make it to the securitybytes 2011 conference!
awesome work thanks very much
Awesome series... btw what is the as -gstab option?
rK if you check out the command options like so: as --help
you will see that -gstabs is to generate the debugging information into the assembled file so that you can get the most information out of gdb.
This is similar to the -ggdb option used for gcc when compiling c program files.
Another great video. A slight oversight for the complete noob (like me!) is the -gstab option. But I did a quick search to figure it out. So it's all good.
hi, thanks for nice vids!
Sorry for being too much of a newbie, but you didn't talk about the nop in the system exit! What is it?
thanks again.
Awesome. I was waiting for such tuto. Thank you so much.
(gdb) x/1dw 0x00000000006000d1
0x6000d1 <Int16>: -1374420989
(gdb) x/1dh 0x00000000006000d1
0x6000d1 <Int16>: 3
(gdb) x/1db 0x00000000006000d1
0x6000d1 <Int16>: 3
WTF? little-endian?!?!
uh... it's all about eggs -.-
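An added example (my own C, not code from the video or from VariableDemo.s) that covers both the earlier float question (why .float 10.23 shows up as 10.2299995) and the gdb session just above: it builds a little-endian byte image of a .data section, assuming it is laid out as `Int16: .short 3` immediately followed by `.float 10.23`, and reads it back the way x/1dw, x/1dh and x/1db do.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed byte image of a .data section laid out as
 *     Int16: .short 3
 *     Flt:   .float 10.23
 * back to back, as GNU as emits it on x86: little-endian, no padding. */
static uint8_t section[6];

/* Raw IEEE-754 single-precision bit pattern of f. */
static uint32_t float_bits(float f) { uint32_t u; memcpy(&u, &f, 4); return u; }
/* Emit the low `width` bytes of v, least significant byte first. */
static void store_le(uint8_t *dst, uint32_t v, int width)
{
    for (int i = 0; i < width; i++) dst[i] = (uint8_t)(v >> (8 * i));
}

/* "Assemble" the two directives into the section image. */
static void build_section(void)
{
    store_le(section + 0, 3, 2);                  /* .short 3     */
    store_le(section + 2, float_bits(10.23f), 4); /* .float 10.23 */
}

/* gdb's x/1db, x/1dh, x/1dw at byte offset `off`: gather `width` bytes
 * low byte first, then sign-extend the result to 32 bits. */
static int32_t read_le_signed(size_t off, int width)
{
    uint32_t v = 0;
    for (int i = 0; i < width; i++) v |= (uint32_t)section[off + i] << (8 * i);
    int shift = 32 - 8 * width;
    return (int32_t)(v << shift) >> shift;
}

int32_t x_dw_at_int16(void) { build_section(); return read_le_signed(0, 4); }
int32_t x_dh_at_int16(void) { build_section(); return read_le_signed(0, 2); }
int32_t x_db_at_int16(void) { build_section(); return read_le_signed(0, 1); }
/* .float keeps only the nearest single-precision value, not 10.23 itself. */
double stored_float(void) { return (double)10.23f; }

int main(void)
{
    printf("x/1dw Int16: %d\n", x_dw_at_int16());  /* -1374420989 = 0xae140003 */
    printf("x/1dh Int16: %d\n", x_dh_at_int16());  /* 3: the halfword alone    */
    printf("x/1db Int16: %d\n", x_db_at_int16());  /* 3 */
    printf(".float 10.23 -> 0x%08x = %.7f\n", float_bits(10.23f), stored_float());
    return 0;
}
```

The word read of -1374420989 is 0xae140003: the two bytes of Int16 plus the low half 0xae14 of the float's encoding 0x4123ae14 spilling into the same 4-byte window, which is exactly what the session above printed. The last line shows that the assembler stored the nearest single-precision value, 10.2299995, not 10.23.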
I love how I learn random stuff from you vivek :D
Nice videos
I hope you keep doing more
Thank you so much
Greetings.
At 08:30, in gdb you displayed the contents of the memory location where we have the string "Helloworld" by entering
x/12cb 0x8049084
The output came out as both character and the ascii value.
Is there a way to just dump the ascii text?
Thank you very much. You are great!
Thanks a lot Vivek! You are doing an amazing work!
Thanks man, nice job, God bless you
wowoww....really awesome videos......thanks a lot vivek.....
Hello
I tried this example in ubuntu server 11.04
but it gives the following error.
Error: no such instruction: `float'
I tried to find the data type structure definition in the header files but failed..
Are double and float replaced with float in the Ubuntu server as utility??
reply Soon..
**** Are double and float replaced with long in the Ubuntu server as utility??
I found the error :)
...
I am enjoying this series - thanks for the time and effort to make these. I have some questions though - In BT5 I reset the randomize virtual address, but after a restart it goes back to a value of 2. You didn't cover 2 in your video, what does that mean?
Do we need to set the randomize to 0 for the rest of the examples in this video series? Let me know via twitter @QuikSilver75 (this is for anyone reading this also)
Thanks Again
www.securitytubeforums.net to ask questions about Vivek's awesome video + to learn more about infosec! securitytubeforums is dedicated to answering all questions about securitytube.net videos!
Vivek you're awesome!
I hope this will help a lot people like me :)
Thank you so much!
This is getting interesting!
The way you present this is nothing but awesome!!!!!
Thanks Vivek...
RESPECT!!!!!!!!!!!!!!!!!
this is the video i am most interested it :)
It's a great tutorial....I started learning assembly but this is the very basic and superb. Also I learnt how to use gdb along with assembly....:)
Great work..it's very helpful