DEV Community

Cover image for RE Week 2
pirateducky
pirateducky

Posted on • Edited on

2

RE Week 2

#hacking

This has been week #2 learning reverse engineering, this time I've gone over some basics:

  • The call stack
    • What is it? How does it work?
  • Assembly
    • Learning more about assembly x86
    • How does assembly work

Week #2 has been all about the stack and assembly. Going over the preparations section of the workshop, I went over the purpose of the stack as well as assembly:

What is the stack?

  • The stack is a data structure, it gets assigned an area of memory which it uses to store information about the executing program, it uses registers(storage areas, esp, ebp,eax, nop etc) to know what's executing by storing data & memory addresses, we can use instructions(actions we can perform using assembly language like push, pop, mov, jmp and more) to interact with the stack
  • The stack grows down to higher memory addresses, which also means the stack starts at lower memory addresses.
  • The stack keeps track of everything that happens when a program executes, it knows exactly what variables the program will use and which functions are running by using registers like ebp(which points to the base of the stack) and eip(which points to the next instruction to perform).

What is assembly?

  • Low-level programming language
  • Gets turned into machine language
  • Instruction set is used to write programs which use registers and instructions
    • some instructions include:
      • nop push pop mov add call ret
    • all instructions performs actions using registers
      • mov eax, [ebx]: move the 4 bytes in memory at the address contained in ebx into eax
    • instruction format
    • operation argument
    • operation argument, argument
      • mov eax, [ebp-8] square brackets acts as the de-reference operator in c so the mov instruction "moves" the value that's at ebp-8 and stores it inside eax [Intel Syntax]

x86 ASM

Next week: Going over some basic C, installing tools, trying some exercises

Resources

azeria-labs more about the stack
OALabs: youtube channel
Discord: resources, and community
Awesome RE: Github repo
ROP beginers: return-oriented programming (here for later reference)

Modern X86 ASM
x86 ASM

cover image
asm cheatsheet
x86 Intro

profile
Sentry
 Promoted

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

Top comments (0)

profile
Pieces.app
 Promoted

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

Read next

rivkaavraham profile image

nextjs react native

Rivka -

turingvangisms profile image

Nextjs on Netlify

Turing -

laetitiaperraut profile image

Navigating Open Source License Compliance in Blockchain Projects

Laetitia Perraut -

mikeyoung44 profile image

Adaptive Data Mixer Cuts AI Training Costs by 30% While Boosting Performance

Mike Young -

👋 Kindness is contagious

Please leave a ❤️ or a friendly comment on this post if you found it helpful!

Okay