Day 1 Part 1: Introductory Intel x86: Architecture, Assembly, Applications

The class materials are available at http://www.OpenSecurityTraining.info/IntroX86.html
Follow us on Twitter for class news @OpenSecTraining.
The playlist for this class is here: http://bit.ly/IILMeN
The full quality video can be downloaded at http://archive.org/details/opensecuritytraining

Intel processors have been a major force in personal computing for more than 30 years. An understanding of low level computing mechanisms used in Intel chips as taught in this course by Xeno Kovah serves as a foundation upon which to better understand other hardware, as well as many technical specialties such as reverse engineering, compiler design, operating system design, code optimization, and vulnerability exploitation.

25% of the time will be spent bootstrapping knowledge of fully OS-independent aspects of Intel architecture. 50% will be spent learning Windows tools and analysis of simple programs. The final 25% of time will be spent learning Linux tools for analysis.

This class serves as a foundation for the follow on Intermediate level x86 class. It teaches the basic concepts and describes the hardware that assembly code deals with. It also goes over many of the most common assembly instructions. Although x86 has hundreds of special purpose instructions, students will be shown it is possible to read most programs by knowing only around 20-30 instructions and their variations.

The instructor-led lab work will include:
* Stepping through a small program and watching the changes to the stack at each instruction (push, pop, call, ret (return), mov)
* Stepping through a slightly more complicated program (adds lea(load effective address), add, sub)
* Understanding the correspondence between C and assembly control transfer mechanisms (e.g. goto in C == jmp in ams)
* Understanding conditional control flow and how loops are translated from C to asm(conditional jumps, jge(jump greater than or equal), jle(jump less than or equal), ja(jump above), cmp (compare), test, etc)
* Boolean logic (and, or, xor, not)
* Logical and Arithmetic bit shift instructions and the cases where each would be used (shl (logical shift left), shr (logical shift right), sal (arithmetic shift left), sar(arithmetic shift right))
* Signed and unsigned multiplication and division
* Special one instruction loops and how C functions like memset or memcpy can be implemented in one instruction plus setup (rep stos (repeat store to string), rep mov (repeat mov)
* Misc instructions like leave and nop (no operation)
* Running examples in the Visual Studio debugger on Windows and the Gnu Debugger (GDB) on Linux
* The famous “binary bomb” lab from the Carnegie Mellon University computer architecture class, which requires the student to do basic reverse engineering to progress through the different phases of the bomb giving the correct input to avoid it “blowing up”. This will be an independent activity.

Knowledge of this material is a prerequisite for future classes such as Intermediate x86 (playlist:http://bit.ly/HIaD4O) , Rootkits(playlist:http://bit.ly/HLkPVG), Exploits, and Introduction to Reverse Engineering.

Comments

Stephan Wib says:

Big thanks to Xeno and the whole team for this excellent material!

Ken Lee says:

Like it, thank you in encouragement of continue releases educational videos

indigophox says:

You forgot VLIW, and there are concrete arguments both ways as far as endianness.  And registers do not have endian.  There is not a “first” byte in a register!

cra0kalo says:

When is part 2 going to come out!

Sanek Vi says:

Thank you for making this stuff available, I was searching exactly for it.

Maxime de Montbron says:

this video is so awesome!!!

Hammi says:

i want to learn reverse engineering is this a good place to start

Nohcra says:

Thank you for this video, I’m new to Assembly and the way you explained the stack helped a lot!

Yuri Feldman says:

I think that ‘#’ is usually called ‘sharp’, like in music

techytube says:

I bow down before your awesomeness Xeno for making this available for free.. thank you!

SenseiTLien says:

lol its been “out”

Renan Silva says:

Very nice.
I decided o go a little deeper into programming and this video sure helped me.

Great work.

Luiz Guilherme Ribeiro says:

Hey guys! Can someone tell me what does he mean when he says that
registers are big endian? Is there any kind of addresses on registers
that we can access?

Thanks for the great content!

typedeaf says:

A bit strange that the instructor does not refer to ‘#’ as ‘pound’. Most people I talk to say, ‘pound include.’ Also, as a critique, the teacher makes too many references to material that has not yet been introduced. That can be extremely confusing for students.

Nicholas Lang says:

Can someone explain why this course is about 32bit, thats legacy hardware

Alex Martinson says:

Almost at the end of this video, when the stack is visually represented, when main calls the first sub-routine, we can see that ‘Caller’s saved return address is on the stack’. But when the first sub-routine calls the second sub-routine the ‘Caller’s saved return address is on the stack’ is missing from the picture. Any particular reason? I guess saving the return address of the caller has to happen every single time a call to another sub-routine is made. Please correct me if I am wrong. The slide in this particular section could be confusing for novice people.

jvsnyc says:

Even though it is slightly counter-intuitive to me, because having the top of the stack at the bottom of the picture makes it look like things are going to fall off of the stack  due to gravity, I appreciate your use of that convention.  Because when we are looking any details up in the future — where are we most likely to be looking?  At Intel’s free developer documentation, which uses this slightly weird-looking convention (to always show memory with lowest addresses at the bottom  suppose) thoughout.  We might as well get used to it now.

Mauro Cezar says:

Thank you for posting this video, it was really helpful.

x01 says:

this has really helped me out thanks.

abdulaziz al-etaibi says:

you need to know programming language plus assembly

Christian Coleman says:

I could not find Dillon, so with respect to max instruction length (https://youtu.be/H4Z0S9ZbC0g?list=PL038BE01D3BAEFDB0&t=899) it is 15 per the sauce: https://stackoverflow.com/questions/14698350/x86-64-asm-maximum-bytes-for-an-instruction

Trial Beatz says:

nevermind, just found opensecuritytraining.info/IntroX86.html

Alex N says:

For the extra geeky crowd. The language that the processors actually speak is called Microcode, it is the lowest level instruction language in which processor architects implement assembly language instructions. For an assembly instruction, microcode generally describes a detailed sequences of hardware-level operations. This is much more flexible then implementing the assembly instructions in hardware, due mostly to the fact that it can easily be changed or updated as needed.

Thomas Hamer says:

you can watch this series at 1.5 speed and save a lot of time.

Alex Martinson says:

Thanks for the video. Before making the explanation about stack layout between caller and callee, it would be much better to come up with a tiny little concrete examples and/or images. Fior a very long period of your session a high number of bullet points where the dominant slides. This session could be made less abstract as in the beginning so much abstraction causes confusion for people who are watching it. I used to teach C and C++ and I am just trying to be helpful and hope you are not offended by my comment about your teaching methods.

Passwordcracks says:

DILLON WHERE ARE YOU

Paul Michaud says:

“hashtag include” NOoooooooo!!

Thomas Eugene Agius says:

Alliteration xD.

cra0kalo says:

yeah I found it moments after posting that comment -_-

Foci Eke Hi To - says:

Anyone else snicker a little when he said “Bi Indians go either way”?

AI MG says:

Thanks for sharing awesome job

starlight says:

Excellent teaching, thank you.

Michele Biondi says:

Thank you for this really useful material

Write a comment

*

Human Verification: In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.


Do you like our videos?
Do you want to see more like that?

Please click below to support us on Facebook!

Send this to a friend

▷ Other ReviewsVehicles▷ Show Cars▷ Motorbikes▷ Scooters▷ Bicycles▷ Rims & Tires▷ Luxury BoatsFashion▷ Sunglasses▷ Luxury Watches▷ Luxury Purses▷ Jeans Wear▷ High Heels▷ Kinis Swimwear▷ Perfumes▷ Jewellery▷ Cosmetics▷ Shaving Helpers▷ Fashion HatsFooding▷ Chef Club▷ Fooding Helpers▷ Coktails & LiquorsSports▷ Sport Shoes▷ Fitness & Detox▷ Golf Gear▷ Racquets▷ Hiking & Trek Gear▷ Diving Equipment▷ Ski Gear▷ Snowboards▷ Surf Boards▷ Rollers & SkatesEntertainment▷ DIY Guides▷ Zik Instruments▷ Published Books▷ Music Albums▷ Cine Movies▷ Trading Helpers▷ Make Money▷ Fishing Equipment▷ Paintball Supplies▷ Trading Card Games▷ Telescopes▷ Knives▷ VapesHigh Tech▷ Flat Screens▷ Tech Devices▷ Camera Lenses▷ Audio HiFi▷ Printers▷ USB Devices▷ PC Hardware▷ Network Gear▷ Cloud Servers▷ Software Helpers▷ Programmer Helpers▷ Mobile Apps▷ Hearing AidsHome▷ Home Furniture▷ Home Appliances▷ Tools Workshop▷ Beddings▷ Floor Layings▷ Barbecues▷ Aquarium Gear▷ Safe Boxes▷ Office Supplies▷ Security Locks▷ Cleaning ProductsKids▷ Baby Strollers▷ Child Car Seats▷ Remote ControlledTravel▷ Luggages & Bags▷ Airlines Seats▷ Hotel Rooms▷ Fun Trips▷ Cruise Ships▷ Mexico Tours