### Assembly

Course
Time
13 hours 15 minutes
Difficulty
Beginner
CEU/CPE
14

### Video Transcription

00:03
Hello. This is Dr Miller and this is Episode 14.14 of Assembly.
00:09
Today. We're going to write a system call when we're going to use into 80 in order to do it, and we're going to use both fork and wait
00:17
so four can wait. System calls.
00:21
What's our problem? To be solved. So we'd like to use fork system called to create two processes.
00:27
And then what the child is going to do is it's going to sleep for a while, and then the parent is gonna wait for the child, Take exit
00:34
on, then then each of these processes is going to print right before it finishes.
00:40
So a couple of interesting places you can look so you can look and understand fork and understand what it does. So fork allows you to create two different processes.
00:50
The i d for the parent is the child and the i d for the child is zero.
00:57
And then we also have weight,
00:59
and so weight is gonna wait for a process or a P i d. In order to finish,
01:03
we'll be able to see that it takes three parameters, and we're gonna have to set up those parameters when we make our call.
01:11
All right,
01:15
so we'll get ready for our print statements.
01:17
So inside of here, we're gonna have the child's
01:19
print statement,
01:27
and then we'll have the parent
01:34
putting our new lines and our Knowles inside of there, and then we're gonna print off our child's I d.
01:42
Inside the parent.
01:53
We're gonna print a number. So it's got a percent D again, put a new line
01:59
02:00
And then inside here, we have
02:05
print F that's external, and then we're actually going to use the sleep function.
02:14
All right,
02:16
so the very first thing that we're going to do is we're going to make our call to fork also create a couple labels. So I got my child.
02:30
That's like I done.
02:32
And so both the child
02:37
on the parent
02:38
02:43
All right, so if we look up the system, call number four fork. That is the number two. So we're gonna go ahead and move into E X,
02:50
the number two.
02:52
We're then going to just call into 80 so fork doesn't take any arguments. And so we can just go ahead and call
03:00
in 80. And then what we're gonna do is we're gonna look at the value for T a X, so the A X will either have the p i D. Or it'll have zero. So go ahead and compare that
03:09
to the number zero.
03:12
So jump if it's not zero to our parent
03:17
and then jump zero or you could just to jump to the child or additionally because it's right after here
03:25
we will get a fall through.
03:29
So on our child, what we'd like to do is we'd like to do I sleep first and then we will go ahead and exit in this league just shows us
03:38
that the parent is, in fact, waiting for the child. So
03:43
I'm gonna push the number three for three seconds. Call sleep.
03:47
So it allows us to sleep for three seconds Ad yes, p
03:53
four to correct our stack,
03:55
Then we're going to move into the x r C, which is that string above
04:02
call print
04:05
string to print off that string. And then we've got our call to jump and done.
04:11
All right, so the parent has a little more work to do um
04:15
so here, we're going to try and print off that child I d So that we know that the parent is we're ready for that child to go, So push X.
04:24
So that is the P i. D. Right that we got from up here. You did that comparison on. So would you go ahead and push that on the stack
04:30
movie a X format,
04:35
push yaks. So push our format,
04:40
then call print off.
04:44
So you can print that.
04:46
I'll go ahead and correct our stack.
04:54
So we got two parameters on, there's We'll go ahead and add eat
04:58
to that.
05:00
All right.
05:01
Um,
05:03
and actually will go ahead and do four. And then
05:06
so if I take off four, I'll get off that print f argument, and then I want to get back that p i d. That I need to wait for
05:15
and so I'm going to go ahead and pop
05:17
e v X. So I'm gonna save that I d into yea X cause I'm gonna actually need it.
05:23
So when we call Wait.
05:27
This is the p i d to wait for
05:31
Okay. And then I'm gonna allocate on the stack for our,
05:35
um
05:38
the pointer that it needs. So it needs a pointer to, um store the information about the p i. D. And so we're just going to subtract a local very Blair So sub
05:46
Yes, p eight,
05:48
but a comment here.
05:54
Well, then go ahead and calculate that stacker. So sack pointer to movie, See Ex?
06:00
Yes, P
06:02
Okay,
06:04
um and then we're gonna have to set our options again. All of our elements are going to be inside of registers, so our options for that coal are going to be zero, so we don't have any options,
06:18
and then we again have to look up the function for weight. P i d. So that I d Which is going to go in E x is the number seven slat is weight P i d.
06:30
And now we're ready to go ahead and, um, do our system call and use int 80
06:36
for that.
06:39
And then we pushed on a couple things to the stack. So add yes, p eight.
06:46
Um and then we're gonna go ahead and print that were done, so we'll go ahead and move into yea x p, which is that string at the top
06:53
for the parent
06:54
call print
06:57
string.
07:00
All right,
07:11
so as we can see it printed off the child's p I. D. Um, the parent waited for the child, and then when the child finished it print that it printed that it was done, and then the parents was waiting for that. And so when we go into the assembly,
07:26
we can see
07:29
So the the act of waiting on a P i d will not return until that child has terminated. And so the parents will be waiting here on this line after it's called this
07:40
in order to execute, because it doesn't have,
07:43
um,
07:44
the P I d for the child. So it waits until that child finishes, and then it can continue executing. So that's why we saw a delay.
07:50
And again, if we ran it again, we would see a new child. P i d.
07:55
It would wait for the child to be done approximately three seconds.
07:59
Um, and then the child would finish, and then the parent would finish.
08:07
So today we talked about using system calls, and we did both a fork and a weight.
08:13
So looking forward, we're gonna talk about strings and see and see how they are in assembly.
08:18
If you have questions, you can email me, Miller, MJ at you and Katie to you, and you can find me on Twitter at my house 30.

### Assembly

This course will provide background and information related to programming in assembly. Assembly is the lowest level programming language which is useful in reverse engineering and malware analysis.

### Instructed By

Matthew Miller
Assistant Professor at the University of Nebraska at Kearney
Instructor