James Taylor Posted July 30, 2018

How did you start learning assembly programming language? What books are best for learning assembly from the ground up? Please give your own opinion based on your experience. Thanks
evlncrn8 Posted July 30, 2018

intel x86 / x64 opcode reference manuals (i think you can download them in pdf form on their site somewhere)
then writing some apps in asm to get a grip for masm etc, or in c and then debug them to see how things work
then lena's tuts (i've never used them though, i taught myself a long time ago, where i'd dl the opcode ref's and study them offline (inet connection was a rarity at the time for me))
pencil (to undo mistakes) and paper, to make notes, and lots of them
tools like hiew, ida (never really liked ida too much as i thought it was slow), olly, x64dbg etc etc
and referencing sites like this one, the masm32 site, woodmann and some others
time and patience, and doing some homework before asking for help / pointers (i usually wont help people who want to get everything spoonfed to them or ask for videos etc or think they're somehow entitled)
James Taylor (Author) Posted July 31, 2018

14 hours ago, evlncrn8 said:
> intel x86 / x64 opcode reference manuals (i think you can download them in pdf form on their site somewhere) then writing some apps in asm to get a grip for masm etc, or in c and then debug them to see how things work then lena's tuts (i've never used them though, i taught myself a long time ago, where i'd dl the opcode ref's and study them offline (inet connection was a rarity at the time for me)) pencil (to undo mistakes) and paper, to make notes, and lots of them tools like hiew, ida (never really liked ida too much as i thought it was slow), olly, x64dbg etc etc and referencing sites like this one, the masm32 site, woodmann and some others time and patience, and doing some homework before asking for help / pointers (i usually wont help people who want to get everything spoonfed to them or ask for videos etc or think they're somehow entitled)

I am following the book of Kip Irvine and understanding patterns of software with IDA. Is it a good move? What do you refer?
kao Posted July 31, 2018

I'm not a big fan of Kip Irvine's book. But I can't recommend any particular book instead of it - I learned ASM by reading source codes of DOS-era viruses. There were no ASM books available in my country at that time, so I just had to figure it out on my own..

Since you seem to be mostly interested in reverse-engineering aspect of ASM language, I would recommend reading https://sensepost.com/blogstatic/2014/01/SensePost_crash_course_in_x86_assembly-.pdf - it's a pretty decent summary and contains links to other useful resources as well.

One thing I can tell you - you need to start from the beginning and work methodically. Currently you're jumping from C sample code to VMProtect to driver disassembly. It makes no sense and is actually slowing you down.
James Taylor (Author) Posted July 31, 2018

16 minutes ago, kao said:
> I'm not a big fan of Kip Irvine's book. But I can't recommend any particular book instead of it - I learned ASM by reading source codes of DOS-era viruses. There were no ASM books available in my country at that time, so I just had to figure it out on my own.. Since you seem to be mostly interested in reverse-engineering aspect of ASM language, I would recommend reading https://sensepost.com/blogstatic/2014/01/SensePost_crash_course_in_x86_assembly-.pdf - it's a pretty decent summary and contains links to other useful resources as well. One thing I can tell you - you need to start from the beginning and work methodically. Currently you're jumping from C sample code to VMProtect to driver disassembly. It makes no sense and is actually slowing you down.

1. Can you give me a few more references like https://sensepost.com/blogstatic/2014/01/SensePost_crash_course_in_x86_assembly-.pdf, or is only this sufficient?
2. Where can I get source code of DOS-era viruses?
fearless Posted July 31, 2018

I started with some a86/d86 documentation, found some of it a bit over my head and mostly it was specific to 16bit dos assembler. Ralf Brown's interrupts list was very useful in that era. I did have a couple of actual asm books, one was by Peter Norton and covered some low level asm stuff to read drive sectors, convert bytes to hexadecimal, print bytes to screen etc. Again mostly for dos era.

The best I found was Art of Assembly by Randall Hyde. He has a downloadable pdf, chm version or online version: http://www.plantation-productions.com/Webster/www.artofasm.com/Windows/index.html. It covered a lot of stuff and I found it useful with learning asm. The HLA (high level assembly) framework mentioned in Art of Assembly wasn't my thing - so those parts are skippable.

Also Iczelion's tutorials (can still be found online: http://www.win32assembly.programminghorizon.com/tutorials.html) for win32 asm coding along with masm32 forum I found to be essential. The new forum is located here: http://masm32.com/board/index.php. But there is an archived older version of the masm32 forum as well, and that is still very useful for examples of code: http://www.masmforum.com/board/index.php

I'm not a fan of Kip Irvine's stuff either. I've seen (and still see now and then) questions posted on masm32 forum, that at first glance are fairly normal questions, but after a little bit we find out the code/question/content is based on Kip Irvine libraries. That in itself isn't the problem - the problem is the restrictions placed on those being asked to use Kip Irvine stuff - "my teacher says I can't use any other library" type thing. It's like tying one hand behind your back being forced to use that stuff only. I even posted a bit of code to indicate this frustration: http://masm32.com/board/index.php?topic=6142.msg65253#msg65253

The win32sdk.hlp was also useful - nowadays it's MSDN or the https://docs.microsoft.com/en-us/windows/desktop/api/ stuff for win32 api documentation - a lot of it is still very relevant for calling those functions from asm. Think it's still possible to get that win32sdk.hlp somewhere but on a more modern system you might need to install a .hlp viewer. The chm version is available here: https://tuts4you.com/e107_plugins/download/download.php?action=view&id=3530 and maybe here for the hlp version: https://tuts4you.com/e107_plugins/download/download.php?action=view&id=258

The masm32 sdk is a useful starting point as it comes with most stuff required to start coding with asm x86, along with its own library (masm32.lib) that's useful as well.
evlncrn8 Posted July 31, 2018 (Edited July 31, 2018 by evlncrn8)

wow a86 and d86 and a386, theres a blast from the past.. and the days when you coded with thought.. no bloat, tight, clean code, memory reusage (and planning)..

i also started similar to kao, interest in viruses and stuff, and it all went from there.. playing with the nowhereman vcl (chiba city / aroseisaroseisarose) and things like that, and that dos interrupt list (ralf brown), but i think all of us have started slow, and made many mistakes, and learned from them... cutting corners might seem like a good idea at the time but it will, sooner or later hugely take a chunk out of your backside...

learning the primitives, like whats a byte, dword, qword, signed, unsigned, fpu instructions etc.. slowly but steadily building up your own knowledge so when you read asm or other languages you can run it in your head most of the time and get a good feel for what its doing...

also, learning a little google @James Taylor would be a good idea, and sticking to one frigging thing too.. stop trying to learn everything at once.. its like building blocks.. learn on a solid base.. and also use the search button too.. cos im really getting tired of repetitive posts of yours which all have a common theme - that being 'explain this to me'.. it gets explained, and then you make a new post, which has similar code / theme and you dont understand a bloody bit of it...
James Taylor (Author) Posted August 1, 2018

I am studying step by step assembly with Linux. This book is so cool. Thanks
evlncrn8 Posted August 1, 2018

reading it instead of using it as a coffee cup coaster or holding a door / window open might be an idea then, considering if its step by step then there would be no reason for your previous posts asking what some asm code does, or posting a blatant hexrays output and claiming it was the real code...
James Taylor (Author) Posted August 1, 2018

1 hour ago, evlncrn8 said:
> reading it instead of using it as a coffee cup coaster or holding a door / window open might be an idea then, considering if its step by step then there would be no reason for your previous posts asking what some asm code does, or posting a blatant hexrays output and claiming it was the real code...

I do apologize. Thanks. I did not understand what you mean though.