Upload File

hands-on learning exercises to accompany...

  • Home
  • Documents
  • Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here
18
Hands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here is a basic helloworld.asm program in x86 assembly. .386 .model flat, stdcall option casemap :none extrn MessageBoxA@16 : PROC extrn ExitProcess@4 : PROC .data HelloWorld db "Hello There!",0 .code start: lea eax, HelloWorld mov ebx, 0 push ebx push eax push eax push ebx call MessageBoxA@16 push ebx call ExitProcess@4 end start Copy and paste this a text editor and name the file helloworld.asm There are 3 main parts to an assembly program: 1) Data Example: Helloworld db “Hello There!”,0 2) Code – These consist of opcodes or instructions Example lea eax, HelloWorld Push ebx

Upload: others

Post on 06-Aug-2020

3 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

Hands-on Learning Exercises to Accompany Chapter 4:

Assembling With VS 2008

Here is a basic helloworld.asm program in x86 assembly.

.386

.model flat, stdcall

option casemap :none

extrn MessageBoxA@16 : PROC

extrn ExitProcess@4 : PROC

.data

HelloWorld db "Hello There!",0

.code

start:

lea eax, HelloWorld

mov ebx, 0

push ebx

push eax

push eax

push ebx

call MessageBoxA@16

push ebx

call ExitProcess@4

end start

Copy and paste this a text editor and name the file helloworld.asm

There are 3 main parts to an assembly program:

1) Data

Example: Helloworld db “Hello There!”,0

2) Code – These consist of opcodes or instructions

Example lea eax, HelloWorld

Push ebx

Page 2: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

3) Directives – These tell the assembler preprocessor how to interpret and assemble. These are not considered

part of the assembly code.

Extrn

.386

We will be using the MASM assembler as part of Visual Studio.

To assemble and run this, in the VM, open Visual Studio 2008. Create new Project,

Page 3: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

Click OK, then next, then check the box that says Empty Project

Then click Finish.

Page 4: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

Next right-click the sources folder and go to add new item

Page 5: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

Name the new item main.asm

Page 6: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

Copy and paste the assembly from the top of this document:

Page 7: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

Right-click on the project and go to Custom Build Rules:

Page 8: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

Then check the box marked Microsoft Macro Assembler.

Page 9: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

Then go to the top toolbar: BuildBuild Solution

Then the top toolbar: DebugStart Without Debugging

Page 10: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

You have no successfully assembled and ran a win32 assembly program.

Page 11: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here
Page 12: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

Now we will look at what those instructions are translated into.

Right-click the project again and go to properties.

Page 13: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

Go to Configuration PropertiesMicrosoft Macro AssemblerListing File

Then in the box titled Assembled Code Listing File, enter a file name. I chose asmListing File.

Page 14: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

You will now have to Build the project again.

Page 15: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

Right-click the folder called Source FilesAddExisting Item…

Page 16: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here
Page 17: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

Click No here:

The listing file allows you to see the exact hex values that your instructions get translated into:

Here we see the instruction push ebx is represented by hex value 53.

Page 18: Hands-on Learning Exercises to Accompany …security.cs.rpi.edu/courses/malware-spring2013/asmtut1.pdfHands-on Learning Exercises to Accompany Chapter 4: Assembling With VS 2008 Here

In the next tutorial, I will show you a streamlined version of this in Cygwin.


1st Edition Appendix H: Laboratory Exercises to Accompany

PowerPoint presentation to accompany

PowerPoint to accompany

Student Solutions Manual to accompany Applied Linear … · 2013-09-12 · The data sets for all Problems, Exercises, Projects and Case Studies are contained in the compact disk provided

Essential Access Exercises - University of York Access Tasks Exercises to accompany Essential Access Course Books 1 & 2 Sample files for use with these exercises can be found on the

Computer Competency Exercises to Accompany Medical ... › companions › content...Computer Competency Exercises to Accompany Administrative Medical Assisting, 6th Edition Module

Independent Study: Modern Windows Vulnerability Analysis ...security.cs.rpi.edu/~gaasem/winexp/IndependentStudy.pdf · Markus Gaasedelen, Spring 2014 ... d. Mona.py v2 with WinDBG

Presentation to accompany

Exercises to Accompany Introduction to Functional ... · In your programming language 4.3. Find out how the experts classify your programming language. Is it imperative, purely functional,

Computer Competency Exercises to Accompany … 7.pdfBill Secondary Insurance for Balance Due ... open the Patient Ledger to view the transactions for ... Step 2: From the Main Menu,

Book of Exercises to Accompany E. Friedrich Richter's Manual of Simple and Double Counterpoint (1888)

Instructor's Manual to accompany SYSTEMS '1FlOEFlAMMINEweb.mit.edu/jjd/www/documents/Instructors Manual to accompany... · Instructor's Manual to accompany SYSTEMS '1FlOEFlAMMINE

Exercises to Accompany Introduction to Functional ... to Accompany Introduction to Functional Programming ... Any Language with Barry Burd ... few simple sample programs on the web

Solutions Manual to Accompany Modern Business Statistics...The solutions manual furnishes assistance by identifying learning objectives and providing detailed solutions for all exercises

PATELLOFEMORAL EXERCISES STRETCHING EXERCISES

officemastery.com · COURSE EXERCISES A number of exercise files accompany this instruction manual. For all onsite training, the exercise files are pre-loaded onto the computers,

Accompany Me

Developed by Janice Litvin - Wellness, Stress / Burnout ...€¦ · The exercises in this toolkit accompany the “Banish Burnout: Move from Stress to Success™” presentation

Exercises to Accompany Rand McNally Atlas of …...Cengage Learning Not for Reprint 1 Exercises to Accompany Rand McNally Atlas of American History Maps Referenced with Page Number

S37E Wristband Transmitter with Accompany … Solutions | S37E Wristband Transmitter with Accompany function Waterproof and lightweight, the S37E Wristband Transmitter with Accompany

Solutions Manual to Accompany Nonparametric Econometrics › racinej › Solutions_Odd.pdf · Solutions to the empirical exercises are provided in the R environment for statistical

Modern Binary Exploitation CSCI 4968 - Spring 2015 Markus ...security.cs.rpi.edu/courses/binexp-spring2015/lectures/11/07_lecture.pdfshellcode assuming they gain control of EIP •

Hands-on Learning Exercise 2 to Accompany Chapter 4 ...security.cs.rpi.edu/courses/malware-spring2013/asmtut2.pdf · Hands-on Learning Exercise 2 to Accompany Chapter 4: Assembling

Bravo - Exercices corrigesexocorriges.com/doc/20240.doc · Web view_____ Workbook—Exercices écrits: Do exercises A-H that accompany Leçon 3 in the in the Cahier d’exercices

Modern Binary Exploitation CSCI 4968 - Spring 2015 …security.cs.rpi.edu/courses/binexp-spring2015/lectures/7/05... · MBE - 02/20/15 Shellcoding Shellcoding Modern Binary Exploitation

Student Solutions Manual to accompany - Prgmea.comprgmea.com/pdf/accompany/0.pdf · Student Solutions Manual to accompany ... column his balanced by the surface tension force.

DiSTITUTION. Washington', - ERIC · a volume of exercises and projects to accompany CENSUS '80: continuing the Fact-finder Tradition, an undergraduate textbook publisOed in early

Access Training Materials - Computer Competency …...Computer Competency Exercises to Accompany Administrative Medical Assisting, 6E Step 1: MOSS features a main screen with a Main

Pamphlet to Accompany Map

Solutions to Skill-Assessment Exercises - Clarkson …web2.clarkson.edu/class/ee450/Help/Sols. to Skill - Assessment... · Solutions to Skill-Assessment Exercises To Accompany Control

First order of Business - Rensselaer Polytechnic …security.cs.rpi.edu/courses/binexp-spring2015/lectures/...The most common place to find vulnerabilities is inside of Loadable Kernel

Tutorial Workbook - University of MichiganCONTENTS Students may find useful exercises, solutions and summary sheets in this workbook to accompany the tutorial podcasts. Tutorial Workbook

RESILIENCE BUILDING & PERSONAL … Exercises: ... accompany both the practical sessions that are run, and this workbook. Look ... aim for at least 3 times a week,

Complete Church Organist Volume 2 - RSCM Music Direct ... · PDF fileComplete Church Organist Volume 2.indd 1 11/18/2011 ... tecHnical exercises 9 ... better to accompany a simpler

Instructor’s Manual to Accompany Understanding English Grammar · to Accompany Understanding English Grammar. Allie. Instructor’s Manual to Accompany Understanding English