Well, after all this assembly programming and debugging in gdb, I think it’s time to try some assembly in Windows. I’ll start by downloading and installing MASM. It’s incredibly easy, but I’m posting because I’m excited to try some Windows assembly. 
Tag Archives: vivek ramachandran
Examining a Buffer Overflow in C and assembly with gdb
Welcome University of Maryland students! Thanks for visiting!
I’ve now finished Vivek Ramachandran’s Assembly Primer for Hackers and I’ve decided to move on to his Buffer Overflow Primer. I’ve exploited basic buffer overflows before, but I think going through his videos will give me more perspective now that I’ve brushed up on assembly.
In this article I’ll be stepping through the program in Vivek’s first video and providing some additional tips and tricks that I find useful when reviewing the program in gdb. I’m also on a 64-bit machine, so things are a bit different in gdb for me than they are in the video. Therefore it’s better that I write up my own explanations as I grasp the material so when I review later it will be more clear.
Comparing Strings in Assembly
As part of my quest to improve my assembly skills I’ve been reviewing Vivek Ramachandran’s Assembly Primer for Hackers. I’ve nearly completed the series and I thought I would try out some of what I learned. I did my best to write this code completely from scratch and without reviewing the videos at all. I did peek at Professor Ben Abdallah’s reference guide to decide which loop instruction was appropriate and how to jump to the correct label after using cmp, but I didn’t feel like I was having to learn the material; it was used as a reference guide just as it was intended.
Data Types and Moving Data in Assembly
I’m still following the Assembly Primer for Hackers from Vivek Ramachandran of SecurityTube in preparation for Penetration Testing with BackTrack. In this review I’ll cover data types and how to move bytes, numbers, pointers and strings between labels and registers.
Reviewing Debugging with gdb
As you may have noticed, I’m preparing to become an OSCP. In addition to brushing up on assembly, I’ll also be stepping through the debugger.
Let’s review gdb and go over some tips to make sure the course work becomes smooth sailing. This is primarily an introduction to general use of gdb, but there are a few tips and tricks as well.
Reviewing Assembly
Assembly is a language I’ve dabbled in for years, but never really pressed myself to become fluent in. I understand the basics of memory layout and the general idea of how to program in assembly, but I’ve never fully applied these skills in the security realm. In preparation for Penetration Testing with BackTrack, I’ll be reviewing assembly language from the ground up to ensure I’m at maximum potential going into the study course.
To review assembly I’ll primarily be following the Assembly Primer for Hackers from Vivek Ramachandran of SecurityTube. I’ve been through several of these lessons before and they’re very easy to follow for someone who has previous Linux and programming experience but would like a thorough introduction to assembly. What I’ll be doing here is documenting simple tips that will help me later. Hopefully this will become a useful study guide and cheat-sheet for both assembly and gdb (the GNU debugger).