Posts

Understanding Assembly basic syntax

Here is a simple C program,

int main() {
   return 0;
}

Now let us generate the Assembly code for this,

gcc -S mycode.c

The output is given below,

        .section        __TEXT,__text,regular,pure_instructions
        .macosx_version_min 10, 12
        .globl  _main
        .align  4, 0x90
_main:                                  ## @main
        .cfi_startproc
## BB#0:
        pushq   %rbp
Ltmp0:
        .cfi_def_cfa_offset 16
Ltmp1:
        .cfi_offset %rbp, -16
        movq    %rsp, %rbp
Ltmp2:
        .cfi_def_cfa_register %rbp
        xorl    %eax, %eax
        movl    $0, -4(%rbp)
        popq    %rbp
        retq
        .cfi_endproc


.subsections_via_symbols

Various parts of the code are colored differently for better understanding:

In green are various directives, which will not be discussed in this blog. In red are various labels, which are not executable commands. In blue are the comments. In black are the real assembly commands.

So the real assembly code is,

        pushq   %rbp
        movq    %rsp, %rbp
        xorl    %eax, %eax
        movl    $0, -4(%rbp)
        popq    %rbp
        retq
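
The same sorting of lines into comments, labels, directives and real instructions can be done mechanically. The following is an added example, not part of the original post: a Python sketch that classifies each line of AT&T-syntax compiler output and splits instructions into opcode and operands. The function names and the `#` comment character are assumptions of this example, and the sample listing is an abridged, constructed copy of the output above.

```python
import re

# Constructed sample: part of the listing above, whitespace restored.
LISTING = """\
_main:                  ## @main
    .cfi_startproc
## BB#0:
    pushq   %rbp
Ltmp0:
    .cfi_def_cfa_offset 16
    movq    %rsp, %rbp
    xorl    %eax, %eax
    movl    $0, -4(%rbp)
    popq    %rbp
    retq
    .cfi_endproc
"""

LABEL = re.compile(r"[A-Za-z_.$][\w.$]*:")  # e.g. _main:, Ltmp0:, .LFB0:

def split_operands(text):
    """Split on commas, but not inside parentheses such as 8(%rax,%rbx,4)."""
    out, cur, depth = [], "", 0
    for ch in text:
        if ch == "," and depth == 0:
            out.append(cur.strip())
            cur = ""
        else:
            depth += (ch == "(") - (ch == ")")
            cur += ch
    return out + ([cur.strip()] if cur.strip() else [])

def classify(line, comment="#"):
    """Return (kind, opcode, operands) for one line of AT&T-syntax output."""
    code = line.split(comment, 1)[0].strip()
    if not code:
        return ("comment" if comment in line else "blank", None, [])
    if LABEL.match(code):        # checked first: .LFB0: is a label, not a directive
        return ("label", None, [])
    if code.startswith("."):     # assembler directive, emits no instruction
        return ("directive", None, [])
    opcode, *rest = code.split(None, 1)
    return ("instruction", opcode, split_operands(rest[0]) if rest else [])

def instructions(listing):
    """Keep only the executable instructions, as (opcode, operands) pairs."""
    rows = (classify(line) for line in listing.splitlines())
    return [(op, args) for kind, op, args in rows if kind == "instruction"]
```

Calling instructions(LISTING) leaves the same six instructions the post lists as the real assembly code.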

Opcode and Operand

Blue and green are opcodes (which specify which operation to perform).
Red and purple are operands (which specify data for the o…
Recent posts

Disassembling executable program with objdump in Ubuntu

The objdump tool can be used to disassemble an executable program into assembly code.


objdump -d a.out
The resulting code would be for example:


Generating Assembly code out of C program with GCC

It is pretty straightforward to generate the assembly code out of a C program using GCC.

C program

int main() {
    int x = 1;
    return x;
}


Now the GCC -S switch can be used to generate just the assembly code:
gcc -S mycode.c

The assembly code will be stored in the file mycode.s.

Assembly code
        .file   "int3.c"
        .text
        .globl  main
        .type   main, @function
main:
.LFB0:
        .cfi_startproc
        pushq   %rbp
        .cfi_def_cfa_offset 16
        .cfi_offset 6, -16
        movq    %rsp, %rbp
        .cfi_def_cfa_register 6
        movl    $1, -4(%rbp)
        movl    -4(%rbp), %eax
        popq    %rbp
        .cfi_def_cfa 7, 8
        ret
        .cfi_endproc
.LFE0:
        .size   main, .-main
        .ident  "GCC: (Ubuntu 5.4.0-6ubuntu1~16.04.2) 5.4.0 20160609"
        .section        .note.GNU-stack,"",@progbits

View compiled C program (Object file) content with Ubuntu 2016 objdump

Similar to otool in Mac, readelf and objdump can be used to have a look into the content of a compiled C program.

In the process of understanding how memory allocation works for the programs it is very important to know the content of the C compiled program.

Let's look at the sample C program:

int main() {
    return 1;
}
Save the above code in a file named init.c

Let's compile the program with gcc,

gcc -c init.c
This command will create the following Object file.

Read the _start section of the object file, which contains the assembly equivalent of the C code.

objdump -d init.o

Example output

me@ubuntu2016:~/Documents/cprogram$ objdump -d int.o
int.o:     file format elf64-x86-64

Disassembly of section .text:
0000000000000000 <main>:
   0:   55                      push   %rbp
   1:   48 89 e5                mov    %rsp,%rbp
   4:   b8 01 00 00 00          mov    $0x1,%eax
   9:   5d                      pop    %rbp
   a:   c3                      retq


View compiled C program (Object file) content with Mac's otool

In the process of understanding how memory allocation works for the programs it is very important to know the content of the C compiled program.

Let's look at the sample C program:

int main() {
    return 1;
}
Save the above code in a file named init.c

Let's compile the program with gcc,

gcc -c init.c
This command will create the following Object file. Let us now view the file content with otool in Mac.

otool -tv init.o

Example output

mymac:otool-stuff suresh$ otool -tv init.o
init.o:
(__TEXT,__text) section
_main:
0000000000000000        pushq   %rbp
0000000000000001        movq    %rsp, %rbp
0000000000000004        xorl    %eax, %eax
0000000000000006        movl    $0x0, -0x4(%rbp)
000000000000000d        popq    %rbp
000000000000000e        retq

Installing SASM Assembly IDE in Ubuntu 2016

The SASM IDE requires the following dependencies to be installed beforehand:

NASM assembler
gcc-multilib

The above dependencies can be easily installed with apt-get. Follow the steps given below:

sudo apt-get update
sudo apt-get -f install
sudo apt-get install nasm
sudo apt-get install gcc-multilib

Then download the .deb distribution with the following command:

wget http://download.opensuse.org/repositories/home:/Dman95/xUbuntu_15.10/amd64/sasm_3.6.0_amd64.deb

Then install the Debian package with dpkg:

sudo dpkg -i sasm_3.6.0_amd64.deb

Once the installation is completed, run the following command to start the IDE,

sasm


Enable Basic Authentication for webapps in Apache Tomcat 8 - PART 2 (Password Hashing)

In the first part of this blog post series we discussed how to enable Basic Authentication for webapps deployed in Apache Tomcat. There we discussed some of the drawbacks of the proposed solution. One of the drawbacks was storing passwords in plaintext in the tomcat-users.xml file.

Storing passwords in plaintext is a bad practice without any doubt. The rationale behind not storing passwords in plaintext is to "prevent escalation of attacks". Network infrastructures are made up of different security layers. For example, the network segment facing the internet is relatively less restricted than the internal network segments. When attackers break into one part of the network, their next step is to break deeper into the other network levels to compromise the entire network, steal protected data, etc. Plaintext passwords are a free pass for an attacker to escalate the attack to the next level.

Tomcat provides an out of the box solution for this. With Tomcat, it is possib…