09-16-25 Lab 6
Class: CSCE-312
Notes:
gcc hello.c -o hello
- You can use lldb on Mac to debug C and C++ code
Registers available in x86 Assembly
+-------------+-------------+-------------+------------+
| 64-bit (8B) | 32-bit (4B) | 16-bit (2B) | 8-bit (1B) |
+-------------+-------------+-------------+------------+
| RAX         | EAX         | AX          | AH / AL    |
| RBX         | EBX         | BX          | BH / BL    |
| RCX         | ECX         | CX          | CH / CL    |
| RDX         | EDX         | DX          | DH / DL    |
| RSI         | ESI         | SI          | SIL        |
| RDI         | EDI         | DI          | DIL        |
| RBP         | EBP         | BP          | BPL        |
| RSP         | ESP         | SP          | SPL        |
| R8          | R8D         | R8W         | R8B        |
| R9          | R9D         | R9W         | R9B        |
| R10         | R10D        | R10W        | R10B       |
| R11         | R11D        | R11W        | R11B       |
| R12         | R12D        | R12W        | R12B       |
| R13         | R13D        | R13W        | R13B       |
| R14         | R14D        | R14W        | R14B       |
| R15         | R15D        | R15W        | R15B       |
+-------------+-------------+-------------+------------+
Some other registers:
rdi:
...
Flags:
+--------+----------------------+-----------------------------+
| Bit #  | Flag Name            | Description                 |
+--------+----------------------+-----------------------------+
| 0      | CF (Carry Flag)      | Set on carry/borrow out of  |
|        |                      | most significant bit        |
| 1      | -- Reserved --       | Always 1 in EFLAGS          |
| 2      | PF (Parity Flag)     | Set if low 8 bits have      |
|        |                      | even parity                 |
| 3      | -- Reserved --       | Always 0                    |
| 4      | AF (Aux Carry Flag)  | Carry from bit 3 → bit 4    |
| 5      | -- Reserved --       | Always 0                    |
| 6      | ZF (Zero Flag)       | Set if result == 0          |
| 7      | SF (Sign Flag)       | Set if result is negative   |
| 8      | TF (Trap Flag)       | Enables single-step mode    |
| 9      | IF (Interrupt Flag)  | Enables/disables interrupts |
| 10     | DF (Direction Flag)  | Controls string ops dir     |
| 11     | OF (Overflow Flag)   | Set if signed overflow      |
| 12     | IOPL (bit 0)         | I/O privilege level (low)   |
| 13     | IOPL (bit 1)         | I/O privilege level (high)  |
| 14     | NT (Nested Task)     | Controls task switching     |
| 15     | -- Reserved --       | (Was RF on 286, reserved)   |
+--------+----------------------+-----------------------------+
Basic instructions in assembly
mov
Usage:
mov rax, rdx
- Reads bytes from register rax, and moves them to register rdx
Variations of mov
2 bytes -> mov
4 bytes -> movD
8 bytes -> mov@
If we have
mov rax, [rdx]
- Then
[rdx] is an address
If we have
mov [rax], rdx
- It goes to that address, reads it, and moves it to register rdx
lea
Usage:
lea rdi, [rbx + 0x10]
- Loads the effective address inside the register
Other basic instructions
add rax, rdx -> rax = rax + rdx
sub rsp, 0x10 -> rsp = rsp - 0x10
xor
or
and
- Note that the prefix 0x in front of a number just means "hex"
Accessing your Stack
If you want to access your stack you can use the following instructions
push rax
pop rax
- push adds an element to the stack; pop removes the last value from the stack and stores it inside register rax
jump
Usage:
jmp 0x602010
- It sets your RIP
- RIP = Instruction Pointer
- 0x602010 is an address
call
Usage:
call test
- This is a function call
- The first thing it does is push rsp and then push rbp to the stack, so that when we are done with that function it just pops these two things:
push rsp
push rbp
- Where is the stack stored?
- It is inside the memory
- Remember registers are inside your CPU
- Memory is separate from your CPU
ret
Usage:
ret
- A simple function return
cmp
Usage:
cmp rax, rbx
jz (or jnz) test
- It checks these flags
- Basically a "set flags 1 0"
- It means you probably have "if" statements in your code
- JZ = Jump if Zero
- JNZ = Jump if Not Zero
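Added example, not part of the lab notes: a small C model of what cmp does to the flags in the table above and how jz/jnz read ZF. The bit positions are the table's; cmp_flags, jz_taken and jnz_taken are names chosen for this example, and the sample operand pairs are constructed.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* EFLAGS bit positions, taken from the flags table in the notes. */
#define CF (1u << 0)   /* carry / unsigned borrow   */
#define PF (1u << 2)   /* even parity of low 8 bits */
#define ZF (1u << 6)   /* result == 0               */
#define SF (1u << 7)   /* result negative (bit 63)  */
#define OF (1u << 11)  /* signed overflow           */

static bool low_byte_even_parity(uint64_t r)
{
    int ones = 0;
    for (uint8_t b = (uint8_t)(r & 0xff); b; b >>= 1) ones += b & 1;
    return (ones % 2) == 0;
}

/* Model of "cmp a, b": the CPU computes a - b, throws the result away and
 * keeps only the flags. (cmp_flags is a name made up for this example.) */
uint32_t cmp_flags(uint64_t a, uint64_t b)
{
    uint64_t r = a - b;
    uint32_t f = 0;
    if (a < b)                     f |= CF; /* borrow out of bit 63 */
    if (low_byte_even_parity(r))   f |= PF;
    if (r == 0)                    f |= ZF; /* a == b */
    if (r >> 63)                   f |= SF; /* sign bit of the result */
    /* Signed overflow: a and b have different signs and the result's
     * sign differs from a's sign (e.g. INT64_MIN - 1). */
    if (((a ^ b) & (a ^ r)) >> 63) f |= OF;
    return f;
}

/* jz is taken when ZF == 1, jnz when ZF == 0: the "if" in compiled code. */
bool jz_taken(uint32_t flags)  { return (flags & ZF) != 0; }
bool jnz_taken(uint32_t flags) { return (flags & ZF) == 0; }

int main(void)
{
    /* Constructed operand pairs: equal, unsigned borrow, signed overflow. */
    uint64_t pairs[][2] = { {5, 5}, {3, 5}, {0x8000000000000000ull, 1} };
    for (size_t i = 0; i < sizeof pairs / sizeof pairs[0]; i++) {
        uint32_t f = cmp_flags(pairs[i][0], pairs[i][1]);
        printf("cmp %#llx, %#llx -> flags %#x, jz %s\n",
               (unsigned long long)pairs[i][0], (unsigned long long)pairs[i][1],
               f, jz_taken(f) ? "taken" : "not taken");
    }
    return 0;
}
```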