Exploitation Boot Camp: Basic Disassembly

Step 1:: Simple Hello World

Requirements: a Unix system; C or C++ syntax knowledge; basic assembly knowledge; basic knowledge of Linux commands
First of all, before you begin exploitation you must have a good understanding of programming, in particular C and C++. It also helps to have an understanding of assembly language, but I will go over the basics here. The most essential thing, however, is the ability to think outside the box.
Let's start by writing a simple Hello World app in C.
The code you write here does not matter; it is simply an example to show basic disassembly. Let's now compile it using whatever compiler you use. I recommend GCC for Linux, or GCPP for C++. To compile, enter the following code.
You will also see how to execute the binary if you really don't know how.
Step 2:: Examining Compiled Binaries
We will now take a look at how the compiled binary looks using a program called objdump, which shows each byte in hexadecimal (or hex, as you may know it). I also recommend familiarising yourself with the hexadecimal number system. The hex numbers on the left represent memory addresses, which are just locations in memory (temporary storage).
We will now debug the program we created to show the processor registers at certain points in the program; we do this by setting breakpoints to pause the program. To do this, enter the following code. We will use a program called gdb, which I believe is installed by default on most Linux systems.
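The compile, objdump and gdb steps above as a set of shell functions, added here as an example and not code from the original tutorial. It assumes gcc, objdump (binutils) and gdb are installed and uses an assumed source file name hello.c; the parser at the end works on a constructed objdump sample so it can be tried without a compiler.

```shell
#!/bin/sh
# Added example (not part of the original tutorial). Assumes gcc, objdump
# and gdb are installed; hello.c is an assumed file name.

# Write the hello-world source and build it with debug info (-g) so gdb
# can break on source-level symbols such as main.
build_hello() {
    cat > hello.c <<'EOF'
#include <stdio.h>
int main(void) { puts("Hello, world"); return 0; }
EOF
    gcc -g -o hello hello.c
}

# Disassemble only the .text section: each line is address, raw bytes, instruction.
dump_text() {
    objdump -d -j .text hello
}

# Run under gdb non-interactively: stop at main and print the registers
# the tutorial names (RAX, RCX, RDX, RBX, RSP, RBP, RSI, RDI, RIP).
show_registers() {
    gdb -batch -ex 'break main' -ex run \
        -ex 'info registers rax rcx rdx rbx rsp rbp rsi rdi rip' ./hello
}

# Constructed sample of what "objdump -d" prints for a tiny main()
# (addresses and bytes are made up for illustration, not a real build).
sample_objdump() {
    printf '0000000000401126 <main>:\n'
    printf '  401126:\t55                   \tpush   %%rbp\n'
    printf '  401127:\t48 89 e5             \tmov    %%rsp,%%rbp\n'
    printf '  40112a:\tbf 10 20 40 00       \tmov    $0x402010,%%edi\n'
    printf '  40112f:\te8 fc fe ff ff       \tcall   401030 <puts@plt>\n'
    printf '  401134:\tb8 00 00 00 00       \tmov    $0x0,%%eax\n'
    printf '  401139:\t5d                   \tpop    %%rbp\n'
    printf '  40113a:\tc3                   \tret\n'
}

# Parse objdump lines from stdin into "address|bytes|mnemonic"; header and
# blank lines are skipped. Fields are separated by tabs in objdump output.
parse_objdump_line() {
    awk -F'\t' '
        $1 ~ /^[ ]*[0-9a-f]+:$/ {
            addr = $1; sub(/^[ ]*/, "", addr); sub(/:$/, "", addr)
            bytes = $2; gsub(/[ ]+$/, "", bytes); gsub(/[ ]+/, " ", bytes)
            split($3, ins, " ")
            print addr "|" bytes "|" ins[1]
        }'
}

# Total the machine-code bytes of a function from its objdump output on stdin.
count_code_bytes() {
    parse_objdump_line | awk -F'|' '{ n += split($2, b, " ") } END { print n + 0 }'
}
```

Pipe `dump_text` into `count_code_bytes` on a real build to see how many bytes of machine code a one-line C function turns into.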
You can see the registers:
RAX - accumulator
RCX - counter
RDX - data
RBX - base
These are known as general purpose registers; they are basically variables for the CPU. The next four registers are:
RSP - stack pointer
RBP - base pointer
RSI - source index
RDI - destination index
These are also general purpose; the pointers store 32 bit addresses pointing to locations in memory.
The RIP register is the instruction pointer register, which points to the current instruction being executed. This is a very important register.