Thumb Mode Example

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Sign up with Google
Sign up with Apple
Sign up with Microsoft
View all SSO options

Already have an account? Sign In »

Assembly
Course
Time
13 hours 15 minutes
Difficulty
Beginner
Video Transcription
00:01
Hello. This is Dr Miller, And this is Episode 12.9 of Assembly.
00:08
Today we're going to give an arm thumb. Example.
00:11
Our thumb example. So what's our problem? To be solved.
00:14
So we're going to create a program that prince a tree or triangle of Asterix. I'll actually leave it up to you to try and see if you can design an actual tree.
00:24
So we're gonna write a couple different functions. They're gonna print off our *** tricks for us.
00:31
Alright, so first of all, we'll start off with being able to print are different things. So we're going to create some strings.
00:40
I don't have one called star
00:45
for being a gastric, and we're gonna have one that's on underscore.
00:54
And you can change these depending on how you want it to look. And we might actually even change them when we get done.
01:02
All right. So in our main, we're going to go ahead and
01:06
push our link register
01:08
and we will pop our link register well done, and then we'll do a branch in exchange.
01:15
So the first thing we're gonna do is we're just gonna basically ask Caesar how maney we want them to read so
01:23
you could add a prompt a few woman.
01:26
So then we're going to write our thumb function. So we're gonna do branch with Link and Exchange
01:32
because we're going to go into thumb mode and we're going to call a function called Try.
01:36
So this will be able to build our triangle for us.
01:40
So the first thing we're gonna have to do is we're going to have to tell the compiler and assembler that we're going to be creating a thumb function. So
01:52
So we're going to tell that we're gonna line on two byte boundaries
01:57
and then this is a film
02:00
function.
02:02
I recall a try,
02:06
and then we don't have access to necessarily all the registers that we would normally have. And so
02:13
when we're doing this for our stack pointer, we're actually going to use, um, are seven. So
02:19
what we're gonna do is we're gonna save R seven and R link register,
02:23
So if you ever compiled some code, you'll end up seeing that.
02:31
So just copying stack pointer to our seven and then subtracting from the stack pointer,
02:38
we'll just save 20 at this point.
02:40
Now we go to clean up our stack. We're going to move SP R seven
02:46
and then
02:50
up
02:51
and we're gonna say are seven to save that one and then
02:53
we're gonna prop into the program counter. So we pushed the link register and then we prop into the program counter. And so let's return from our function.
03:02
It's just one way to do it. There's lots of different ways,
03:07
all right, so in this function, we're going to use our six a za counter,
03:14
and it's going to start at zero, and it's actually an account, the second part of what we're doing. If we recall from radiant that's in our zero and so r zero will have
03:24
the number that we want to do, and so this is going to count the opposite way. So we're gonna deck Ament
03:30
are zero until we get down to the bottom and we're gonna incriminate our six at the end.
03:38
So here is a top of our loop.
03:43
We'll jump up to it
03:46
at the bottom, and then we're going to be doing some comparisons. So we will compare
03:53
are 0 to 0, so r zero is going to be going down.
03:58
So let's make a comment So
04:00
our six goes
04:02
up
04:05
are zero goes.
04:11
Okay,
04:14
So if Arsene ours zero is the number zero So branch equal,
04:19
we're going to actually what is called us and said a top Let's call it t one.
04:25
It's a top one, cause we're gonna have two different functions
04:29
when it's done, we're going to go to done one, because we're going to do two different functions here.
04:38
Okay, so this will allow us to break out of our loop, and then we can go back up to the top. So now we can do the fun stuff.
04:45
So first of all, I'm gonna use our zero. My other functions, I'm gonna push are zero.
04:51
I'm done doing my friend staff pop
04:56
are zero.
05:00
Okay. And then we're gonna end up calling our star function, so we'll start here and do this. And then we'll, um, add some additional things so we can go ahead and load into our five
05:12
the address of star,
05:16
and then we're gonna do branch of link and then star
05:21
fun. So this is gonna be our function that's going to do stars. Now we're in thumb mode, and we're gonna write another thumb function so we don't need to exchange.
05:32
And then let's see.
05:36
Oh, we want to do some other fun stuff, like move are zero.
05:43
Um,
05:44
so let's create a new line here
05:51
so that we can print off the end of our line.
05:56
So when we're all done, we move that into our zero, and then branches link
06:00
print F so we can print off our new line.
06:04
Um, once we're done with all of our funds stuff that we're doing, we restore our zero, and then we need to decker minute. So, sub
06:13
or a zero,
06:16
the number one.
06:18
But then we want our six to go up. So add our six,
06:26
the number one.
06:30
All right,
06:31
so now we'll get into our star function. So again we're going to tell it
06:39
we're still lining it, Teoh,
06:44
and this is also a thumb function. So this is gonna be called
06:48
star fun,
06:51
and we will have similar things in this one that we had in the previous one. So again push
07:00
our seven our link register cause we got to save where we're going.
07:11
It's a check from our our stack
07:14
at the end of our function again doing the same thing.
07:17
We're gonna move SP r seven
07:23
and then pop
07:25
our seven.
07:28
Oh, and the program counter.
07:32
All right, so here is the fun stuff that we need to do. So again, we're gonna have and this one we're gonna have a top,
07:38
so we'll go t to
07:41
and then down here,
07:44
de to
07:46
and at the bottom of it, we're gonna branch to t two. And they were to do a comparison.
07:54
So
07:55
and this one, we are going to,
07:58
um
08:00
so are zero is our counter that we had in our previous one. And we call this we want to. Basically, Decker meant that
08:05
Weaken Decker meant it because we've saved in our previous function.
08:09
So let's start that off. So move are for
08:15
are zero.
08:16
So we'll copy R zero into our four,
08:20
so we can use it later. And movinto are three
08:24
zero. So we'll use these a little bit later.
08:28
So here will do a compare
08:31
r three and r four
08:33
and then
08:35
we will branch if they are equal
08:39
to done right. So Well, this is where we'll exit.
08:43
So are four is going to get dec amended, and this is gonna get blown away when we do our print f. So we need to make sure that we keep track of that
08:52
and then move into our zero
08:58
or five.
09:01
So
09:01
are five is gonna have what we're going to print, So that's gonna be a pointer to our printer. So we set that up here,
09:09
And so then inside of here, we can use that as okay, this is the thing we're gonna wanna print
09:13
because we're actually gonna print some different things based on what we want to do.
09:20
And then we want and push
09:22
both r three and R four
09:26
onto the stack so that we can save him because we're gonna call print off and that will probably destroy some stuff. So branch link in exchange.
09:33
So print f is not thumb. And so we have to do a Lincoln exchange in order to get to it.
09:43
And then here we can restore registers R three and R for
09:48
from our print f
09:52
and then we want Teoh. Add are three
09:58
by one. Right, So are three started
10:01
started here at zero, and it's going to keep implementing until it gets to our four, which had how many stars we wanted to print.
10:11
No, I forgot to set my one there.
10:15
All right,
10:18
so this function should print are stars. And then when we're up here, we can go ahead and we will load the star that we went to print and then call our star fund and then go ahead and get a new line and go ahead and print that
10:33
so we'll see if that works.
10:41
Oh,
10:43
looks like I tried to do a move instead of a load
10:50
up in the new line
11:05
so we can see it printed off four stars and then three and then two and then one. And if we put in bigger numbers
11:11
on
11:13
20 and settle, print those off,
11:18
so then we can go in there and we'll add a couple more things, and then we'll look at the code
11:22
for doing this. So here we're printing off the stars. But we could also do the same thing for our underscores. So
11:31
here we can say
11:33
knowed register are
11:35
five
11:37
under,
11:39
and I'm branch with links star
11:41
fun.
11:46
So then we were on that one and say 10.
11:50
Okay,
11:54
I think we see.
11:58
Oh, we need to.
12:01
So we want to move into our zero
12:05
are six. And remember, we're saving our zero. So we're just copying our six.
12:09
So I wanted to do that many stars, not just one.
12:18
So now we print the same number of characters who either print them as stars or underscores.
12:24
And then if you go through and you change it just a little bit
12:28
and actually, if you just invert this So now star is a space and the space is a star.
12:37
And if you have a mono spaced font,
12:41
then you get sort of a triangle out in the middle of nowhere, right? So you printed a bunch of spaces and then we printed one, and then we printed two and then three and then four.
12:50
So a lot of times we'll have students try and make this turn this into a Christmas tree. So print the other side and then figure out how to print the bottom.
12:58
But if we want to look
13:13
endless, look for one of our function. So let's look for
13:22
so I'm gonna look here for this string right here,
13:28
So I got put quotes around. It's a stuff doesn't get broken around,
13:31
and then
13:33
minus A is to print some text after so a print, Let's say 30 lines after.
13:39
So if we go here and look at our star fund, we can see that
13:43
generally we have thumb instructions here. One clear exception is going to be our branch with Lincoln Exchange. So that's a wide instruction for to go to print F.
13:54
Um, and then we get down to the bottom of our function. So that's star fun.
14:00
But we did.
14:01
We can also look at
14:05
try
14:09
and again. We can see most of these. We got our branch of links end up being wide instructions. But the rest of them end up being,
14:16
um, regular thumb instructions that we can have them. We can see that we can mix them in between, just depending on what we're doing.
14:31
All right. So today we created a thumb program and we printed off some stars and tried to build the tree. And you can extend that if you'd like
14:39
looking forward, we'll talk about conditional execution.
14:43
If you have questions, you can email me Miller M J U NK doubt you to you, and you can find me on Twitter at Milhouse 30
Up Next
View All
Instructed By
Matthew Miller

Matthew Miller

Assistant Professor at the University of Nebraska at Kearney

Instructor
Similar Content
How to Use GDB (BSWJ)
Course
How to Use GDB (BSWJ)
4.25
In this part of the Breaking Stuff with Joe (BSWJ) series, Joe Perry demonstrates how ...
How to Use IDA (BSWJ)
Course
How to Use IDA (BSWJ)
5
The IDA is used throughout the IT and cybersecurity industries by exploit developers, vulnerability analysts, ...
Advanced Malware Analysis: Redux
Course
Advanced Malware Analysis: Redux
4.83
Do you have knowledge of malware analysis core concepts, but want to transition from malware ...
5CEUs