A basic introduction to x86 assembly
Assembly is the most basic computer language you can get.
In assembly you basically write CPU instructions in human-readable form.
It can help you understand what is going on inside a CPU.
We will only discuss x86 assembly, meaning that what follows only lets you write x86 assembly code.
If you want additional information regarding this, write in the comment section.
I will eventually write another tutorial.
Syntax
Assembly has a pretty simple syntax.
It is quite similar to AutoHotkey commands.
It consists of an instruction followed by its parameters, separated by commas.
Example:
Parameters?
The parameters are mostly source and target parameters.
The first parameter gets the result of an instruction, if any.
Code:
MOV EAX,EBX ;copies the content of EBX to EAX
ADD EAX,EBX ;adds EBX to EAX and stores the result in EAX
Source and target parameters can be registers or memory addresses.
Memory addresses are enclosed by square brackets.
An operand can also be a direct number.
Code:
MOV EAX,[0x1000] ;load the value at memory address 0x1000 into EAX
ADD EAX,1000 ; add 1000 to EAX
MOV [0x1000],EAX ; store it back to memory address 0x1000
You can add a label above a chunk of code in assembly:
Code:
Addtoavar:
ADD DWORD [0x1000],1000 ; does the same as above without using the EAX register; DWORD gives the 32-bit operand size (NASM/FASM spelling)
The assembler resolves the label to an address so we can call it like a function or jump to it.
The CALL instruction comes with its helper, the RET instruction.
When the CALL instruction is executed you jump to the target address, and RET jumps back to the next instruction after the CALL instruction.
The Stack:
There is a special place in memory that programs can use: the stack.
The stack is exactly what the name says: a stack.
You stack information onto it and remove it if you don't need it anymore.
It is found at the end of the address range:
Code|Data|...|Stack
You can add data to the stack with the PUSH instruction.
It puts new data onto the stack and decreases the pointer to the new beginning of the stack.
The opposite is the POP instruction.
It moves data from the stack to a target and increases the pointer to the new beginning of the stack.
The pointer to the stack is found in the ESP register.
You can also access the stack with the MOV instruction:
Code:
MOV EAX,[ESP] ;accesses the value on top of the stack and puts the result into EAX
MOV [ESP],EAX ;puts the value of EAX on top of the stack overwriting existing information that is stored there
When you call something with the CALL instruction it pushes the return address on top of the stack.
If you return with RET it uses this address to return to where it was before.
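
The stack rules above (PUSH, POP, CALL, RET and access through [ESP]) modelled in Python, as an added example that is not part of the original tutorial. The `run` function, the tuple-based program format, the HLT end marker and the use of list indexes in place of code addresses are assumptions made for this model.

```python
def run(program, labels, stack_top=0x2000):
    reg = {"EAX": 0, "EBX": 0, "ESP": stack_top}
    mem = {}   # address -> 32-bit value
    eip = 0    # index into `program`, standing in for a code address

    def addr(o):                       # "[ESP]" or "[0x1000]" -> address
        return reg[o[1:-1]] if o[1:-1] in reg else int(o[1:-1], 0)

    def get(o):
        if isinstance(o, int):         # a direct number
            return o
        return mem.get(addr(o), 0) if o.startswith("[") else reg[o]

    def put(o, value):
        target, key = (mem, addr(o)) if o.startswith("[") else (reg, o)
        target[key] = value & 0xFFFFFFFF

    def push(value):                   # PUSH: decrease ESP, then store
        reg["ESP"] -= 4
        mem[reg["ESP"]] = value

    def pop():                         # POP: load, then increase ESP
        value = mem[reg["ESP"]]
        reg["ESP"] += 4
        return value

    while program[eip][0] != "HLT":
        op, *args = program[eip]
        eip += 1                       # now the address of the next instruction
        if op == "MOV":
            put(args[0], get(args[1]))
        elif op == "ADD":
            put(args[0], get(args[0]) + get(args[1]))
        elif op == "PUSH":
            push(get(args[0]))
        elif op == "POP":
            put(args[0], pop())
        elif op == "CALL":             # return address goes onto the stack
            push(eip)
            eip = labels[args[0]]
        elif op == "RET":              # return address comes off the stack
            eip = pop()
    return reg, mem

# Constructed sample program; ADDTOAVAR mirrors the label example above.
PROGRAM = [("MOV", "EAX", 5), ("PUSH", "EAX"), ("CALL", "ADDTOAVAR"),
           ("POP", "EBX"), ("HLT",),
           ("ADD", "[0x1000]", 1000), ("MOV", "EAX", "[ESP]"), ("RET",)]
REG, MEM = run(PROGRAM, {"ADDTOAVAR": 5})
```

After the run, EAX holds 3, the return address that CALL pushed (the index of the POP instruction), because inside the called code [ESP] is the return address. EBX holds the 5 that was pushed first, and ESP is back at 0x2000.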