Assembly
Code and compiled assembly back to back
Tutorials:
ASCII table
x86_64 NASM Assembly Quick Reference
x86 Architecture Overview
ARM Assembly to HEX
Intel Introduction to x64 Assembly
x86 and amd64 instruction reference
ARM Assembly Basics
Basics
Stack operations:
- push value: pushes a value onto the stack (decrements ESP by 4, the size of one stack ‘unit’).
- pop register: pops a value to a register (increments ESP by 4).
Data transfer:
- mov destination, source: copies a value from/to a register.
- mov destination, [expression]: copies a value from a memory address resolved from a ‘register expression’ (single register or arithmetic expression involving one or more registers) into a register.
Flow control:
- jmp destination: jumps to a code location (sets EIP, the instruction pointer).
- jz/je destination: jumps to a code location if ZF (the zero flag) is set.
- jnz/jne destination: jumps to a code location if ZF is not set.
Operations:
- cmp operand1, operand2: compares the two operands (computes operand1 - operand2 without storing the result) and sets ZF if they’re equal.
- add operand1, operand2: operand1 += operand2;
- sub operand1, operand2: operand1 -= operand2;
Function transitions:
- call function: calls a function (pushes the return address, i.e. the EIP of the next instruction, then jumps to the function).
- retn: returns to the caller function (pops the saved return address back into EIP).
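The instructions listed above are enough to write a complete loop. The following program, an added example that is not part of the original page, sums a small constructed array of dwords with cmp/je/add/jmp, uses a memory operand resolved from a register expression, and finishes with a push/pop pair before exiting with the sum as the process exit status. It assumes 32-bit x86, NASM syntax and Linux (the `int 0x80` exit system call).

```nasm
; Added example (not from the original page): a loop that sums a small
; array of dwords using only the instructions listed above, then exits
; with the sum as the process exit status. 32-bit x86, NASM syntax, Linux.
; Build and run:  nasm -f elf32 sum.asm -o sum.o && ld -m elf_i386 sum.o -o sum
;                 ./sum ; echo $?      (prints 60)

section .data
values: dd 10, 20, 30          ; constructed sample input
count:  equ 3                  ; number of elements

section .text
global _start

_start:
    mov esi, values            ; esi = address of the first element
    mov ecx, 0                 ; ecx = loop index
    mov eax, 0                 ; eax = running sum

loop_top:
    cmp ecx, count             ; index == count ?  -> sets ZF when equal
    je  done                   ; yes: leave the loop
    add eax, [esi + ecx*4]     ; memory operand resolved from a register expression
    add ecx, 1                 ; next index
    jmp loop_top               ; unconditional jump back to the test

done:
    push eax                   ; save the sum on the stack (ESP -= 4) ...
    mov eax, 1                 ; ... eax = 1 selects sys_exit
    pop ebx                    ; ... restore the sum into ebx, the exit status (ESP += 4)
    int 0x80                   ; invoke the kernel; exit status is 60
```

The `cmp`/`je` pair at the top of the loop is the typical shape a disassembler shows for a `for` loop: the comparison only sets flags, and the conditional jump consumes them.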
Functions
Function prologue:
A function prologue is some initial code embedded in the beginning of most functions, it serves to set up a new stack frame for said function.
Function epilogue:
The epilogue is simply the opposite of the prologue - it undoes its steps to restore the stack frame of the caller function, before it returns to it:
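To make the prologue and epilogue concrete, here is an added example (not code from the original page) of a small cdecl function with an explicit prologue, one local variable and an epilogue, called from `_start`. It assumes 32-bit x86, NASM syntax and Linux, and the standard cdecl rules: arguments are pushed right to left, the return value travels in EAX, and the caller removes the arguments after the call. The comment block above the function shows what the stack frame looks like once the prologue has run.

```nasm
; Added example (not from the original page): a cdecl function with an explicit
; prologue and epilogue, called from _start. 32-bit x86, NASM syntax, Linux.
; Build and run:  nasm -f elf32 frame.asm -o frame.o && ld -m elf_i386 frame.o -o frame
;                 ./frame ; echo $?      (prints 7)

section .text
global _start

; int add_with_local(int a, int b)   -- returns a + b, computed through a local
; Stack layout inside the function after the prologue:
;   [ebp+12]  second argument (b)
;   [ebp+8]   first argument (a)
;   [ebp+4]   return address pushed by CALL
;   [ebp]     caller's saved EBP
;   [ebp-4]   local variable
add_with_local:
    push ebp                   ; prologue: save the caller's frame pointer
    mov  ebp, esp              ;           and make EBP point at our own frame
    sub  esp, 4                ;           reserve 4 bytes for one local variable

    mov  eax, [ebp+8]          ; eax = a
    add  eax, [ebp+12]         ; eax = a + b
    mov  [ebp-4], eax          ; store it in the local slot
    mov  eax, [ebp-4]          ; load it back: cdecl returns the value in EAX

    mov  esp, ebp              ; epilogue: discard locals (ESP back to the saved-EBP slot)
    pop  ebp                   ;           restore the caller's frame pointer
    ret                        ;           pop the return address into EIP

_start:
    push 4                     ; cdecl: push arguments right to left, so b first ...
    push 3                     ; ... then a
    call add_with_local        ; pushes the return address and jumps
    add  esp, 8                ; cdecl: the caller removes the two 4-byte arguments

    mov  ebx, eax              ; exit status = return value (7)
    mov  eax, 1                ; sys_exit
    int  0x80
```

The layout in the comment is also the reason the saved EBP and return address sit directly above the locals: a write past the end of a local buffer reaches `[ebp]` and then `[ebp+4]`, which is exactly what stack-overflow exploit analysis and mitigations such as stack canaries are concerned with.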
Now at this point, you might be wondering - how do functions talk to each other? How exactly do you send/access arguments when calling a function, and how do you receive the return value? That’s precisely why we have calling conventions.
Calling conventions
__cdecl: