### Assembly

Course
Time
13 hours 15 minutes
Difficulty
Beginner
CEU/CPE
14

### Video Transcription

00:01
Hello. This is Dr Miller, and this is Episode 6.3 of Assembly.
00:07
Today we're gonna start using the stack, and then we're gonna have an example of calling the function print f
00:13
using the stack.
00:15
So when we have a stack, one of the things that we're gonna want to do is we're gonna want to either push things on or pop things off.
00:23
And so every time that you push something on right, it modifies E S p.
00:29
And when you're done, you need to pop it back off. So an example would be pushy X push ebx, and then we can pop them in the reverse order.
00:38
So that's one way to restore the stack back to its original state, which is what we need to do all the time.
00:44
The other thing that we could do is we could push on to registers or a registered twice. And then we can just add TSB to correct the amount that we put on there.
00:54
If we don't do this, that our program is gonna crash and we'll show an example of that in a little while.
01:00
So, for example, you might want to save some data when you enter a function and we'll talk about how to create functions and Lex lecture.
01:07
So when you enter your function, you might want to push registers. So, for example, yea, x e c x e d x Yes, I
01:15
And then when you're done, you need to pop them off in the reverse order. It's a little last one that you pushed is the 1st 1 that you pop
01:23
You can see we did e d I E d x e c x and then e x.
01:29
And so when we create functions we're gonna want to enter, we're gonna save our our registers. And when we exit, we're going to restore them back in the reverse order that we had
01:38
so print f
01:41
so print f is a C function that has a variable amount of arguments, which means that you can have 01234 10 20 whatever the number of arguments that you want is
01:52
and we have this thing called a format string. So format string has thes percent characters, and then that gets replaced with the actual variables X y and see.
02:05
So what we're gonna do is we're gonna call a print f function.
02:08
And we gotta push our arguments in the reverse order because the first thing on is the last thing that we have in there.
02:15
So we'll go ahead and start our project here.
02:21
So I've already built the project.
02:30
So the first thing that we're gonna do is we're going to declare a couple variables and then we're going to define our format string.
02:38
So I'm gonna try and do the same format string that we had before.
02:46
I'm just typing that in
02:49
the percent de means that it's going to be a integer.
02:55
The percent C is a character,
03:00
and then the 10 is our new line in the zero terminates a string and then we'll declare a couple variable so x
03:07
as 10. Why
03:10
as 20
03:15
Then I'll show some examples here,
03:17
so we have to push on our arguments in the reverse order. So I'm gonna push my character first
03:24
so I can define a character. So that is the character a right, so that would put it onto the stack. Now I could
03:30
use a register to put that in, but we'll just show pushing an immediate or just pushing ah, hard coded value onto the stack
03:39
here. We want to get the value of what? Why?
03:49
And I'm just using X because it's convenient.
03:57
No, Melo do X here.
04:01
Alright, so I've put them on in the reverse order. So I got my character is the first thing that I put on because it's the last thing in here.
04:09
Then I got why, then I got X. And now I need to put on my format string
04:16
and for the format.
04:18
We want the address of it. We don't want the actual data at it, so we're getting the address and they will push that on
04:25
to our stack.
04:27
Now we're ready to call our function.
04:31
So the function is called print half, but it doesn't exist in our normal spot. It exists in the sea library. So we have to tell it that
04:41
we have an external function called print F.
04:46
And then we can see here that we pushed on 1234 items onto the stack
04:51
and some when we're done, we have to correct the stacks. The easiest way to do that is to add
04:58
to yes p
05:00
the number 16.
05:01
Or you could do 10 in Hex. Either one is fine. So 16 based 10 or we can do this to 10
05:08
hex.
05:17
So we built our project.
05:19
So now we can go ahead and run it
05:23
so printed off the data that we thought it would print off. So let's go back in.
05:30
Let's look at if we forgot to correct the stacks, I'll just comment on this line.
05:34
So now when I build my project,
05:42
it causes it to crash
05:44
because there are
05:46
pointers that air saved on the stack that if we don't restore the stack back to its original than it's gonna have problems.
05:50
And even if I if I did this and I let's say only corrected it by
05:57
06:00
cause I forgot about one of my arguments that I put on there,
06:08
clean my project and run it,
06:13
it also cause it to crash.
06:15
So one of the keys to understand here is that you want to make sure that you put the correct amount back on, so I'll do 16 and decimal
06:25
now. When we were on our function,
06:27
it works fine and it doesn't crash
06:30
and a segmentation fault. This means that the program tried to access a region of memory that it wasn't allowed to access.
06:40
All right, so today we looked at using the stack by calling our function that was called print. If
06:47
so, here's a couple quick questions when exiting a function. What operation? To perform on E. S. P.
06:56
So generally we add E S P and then some amount. And that's the amount that we allocated when we were entering the function or before we were calling a function.
07:06
And then how do we save registers?
07:11
So we pushed the register. So we looked at earlier. You push them and then you would pop them. So
07:16
push yea x or push ebx. Whatever the register that you want to save this
07:24
looking forward, we're going to look at calling functions and then even creating what we call recursive functions.
07:31
If you have questions, you can contact me at Miller MJ at you and Kate I e to you. And you can find me on Twitter at Milhouse 30

### Assembly

This course will provide background and information related to programming in assembly. Assembly is the lowest level programming language which is useful in reverse engineering and malware analysis.

### Instructed By

Matthew Miller
Assistant Professor at the University of Nebraska at Kearney
Instructor