Pages

Showing posts with label fasm. Show all posts
Showing posts with label fasm. Show all posts

Friday, October 2, 2020

Fedora 32 : Can be better? part 015.

In the evening I can spend my time with Fedora 32.

In the last few days I studied GTK # a bit.

I thought it would be useful for Linux users and those who use the language of the FASM assembler to have an editor.

Tonight I created this simple project this simple project named fasm_editor.

The objectives of this project are:

  • creating a functional editor;
  • implementation of running and compilation requirements;
  • settings specific to the Linux operating system;

I believe that this way Fedora Linux can be improved and become better.

Sunday, November 10, 2019

Fedora 31 : another FASM tutorial with Linux.

Today I wrote another tutorial about FASM and assembly language on my website.
Because I used the Fedora distro I add my tutorial here.
If you want to learn assembly programming for Windows O.S. or Linux with the Intel C.P.U. then you need the FASM tool and this manual.
Today I will show you how to create a file using my Fedora 31 Linux distro and FASM tool.
The name of this file will be new_file.txt.
The assembly program will use INT 0x08 to create the file.
entry _start

filename db "new_file.txt", 0

_start:
    ; create a new file
    mov rax, 8
    mov rbx, filename
    mov rcx, 0011
    int 0x80

    ; use descriptor
    push rax

    ; close the new file
    mov rax, 6
    pop rbx
    int 0x80

    call exit

exit:
    mov rax, 1
    mov rbx, 0
    int 0x80>
The program also set the file permissions in the rcx register.
Let's see some octal permissions:
    mov rcx, 000

----------. 1 mythcat mythcat       0 Nov 10 17:40 new_file.txt
    mov rcx, 0001

---------x. 1 mythcat mythcat       0 Nov 10 17:41 new_file.txt
    mov rcx, 0011

------x--x. 1 mythcat mythcat       0 Nov 10 17:43 new_file.txt

Monday, November 26, 2018

Fedora 29 : Commands and tools that handle assembly files - part 001.

This commands and tools that handle assembly files, object files, and libraries are very useful for development. In order to test these commands and tools, we need an executable file. I used this assembly source code created for FASM assembly. This assembly source code sums a variable named rad with a size of 8 bytes:
[mythcat@desk fasm]$ vim sum.asm 
format elf64
extrn printf

section '.data' writeable align 16
rad dq 90.0
fmt db "%.30lf",0ah,0

section '.text' executable align 16
public main
main:
    push rbp
    mov rbp,rsp
    pxor xmm0,xmm0
    movsd xmm0,[rad]
    movsd xmm2,[rad]
    addsd xmm0,xmm2
    mov rax,1
    mov rdi,fmt
    call printf

    mov rsp,rbp
    pop rbp
    ret
Let's create the output with the fasm tool:
[mythcat@desk fasm]$ ./fasm sum.asm 
flat assembler  version 1.73.04  (16384 kilobytes memory)
1 passes, 784 bytes.
The nm command can list symbols from object file. Let's see:
[mythcat@desk fasm]$ nm -A sum.o
sum.o:0000000000000000 T main
sum.o:                 U printf
Using the gcc tool I created the binary executable file and I run it:
[mythcat@desk fasm]$ gcc -s sum.o -o sum -lm
[mythcat@desk fasm]$ ./sum 
180.000000000000000000000000000000
The readelf can display information from elf file, see the output:
[mythcat@desk fasm]$ readelf -h sum 
ELF Header:
  Magic:   7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 
  Class:                             ELF64
  Data:                              2's complement, little endian
  Version:                           1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              EXEC (Executable file)
  Machine:                           Advanced Micro Devices X86-64
  Version:                           0x1
  Entry point address:               0x401040
  Start of program headers:          64 (bytes into file)
  Start of section headers:          13552 (bytes into file)
  Flags:                             0x0
  Size of this header:               64 (bytes)
  Size of program headers:           56 (bytes)
  Number of program headers:         11
  Size of section headers:           64 (bytes)
  Number of section headers:         28
  Section header string table index: 27
The strings can display printable char sequence from object files:
[mythcat@desk fasm]$ strings sum
/lib64/ld-linux-x86-64.so.2
libm.so.6
__gmon_start__
libc.so.6
printf
__libc_start_main
GLIBC_2.2.5
H=@@@
[]A\A]A^A_
;*3$"
V@%.30lf
GCC: (GNU) 8.2.1 20181105 (Red Hat 8.2.1-5)
gcc 8.2.1 20181105
GA*GOW
GA+stack_clash
GA*cf_protection
GA+GLIBCXX_ASSERTIONS
GA*FORTIFY
GA!stack_realign
gcc 8.2.1 20181105
GA*GOW
GA+stack_clash
GA*cf_protection
GA*FORTIFY
GA+GLIBCXX_ASSERTIONS
GA!stack_realign
.shstrtab
.interp
.note.ABI-tag
.note.gnu.build-id
.gnu.hash
.dynsym
.dynstr
.gnu.version
.gnu.version_r
.rela.dyn
.rela.plt
.init
.text
.fini
.rodata
.eh_frame_hdr
.eh_frame
.init_array
.fini_array
.dynamic
.got
.got.plt
.data
.bss
.comment
.gnu.build.attributes
The most used is the objdump. This will come with many options for many exeecutable binary files:
[mythcat@desk fasm]$ objdump --help
objdump: supported targets: elf64-x86-64 elf32-i386 elf32-iamcu elf32-x86-64 pei-i386 pei-x86-64 elf64-l1om elf64-k1om 
elf64-little elf64-big elf32-little elf32-big pe-x86-64 pe-bigobj-x86-64 pe-i386 plugin srec symbolsrec verilog tekhex 
binary ihex objdump: supported architectures: i386 i386:x86-64 i386:x64-32 i8086 i386:intel i386:x86-64:intel 
i386:x64-32:intel i386:nacl i386:x86-64:nacl i386:x64-32:nacl iamcu iamcu:intel l1om l1om:intel k1om k1om:intel plugin

The following i386/x86-64 specific disassembler options are supported for use
with the -M switch (multiple options should be separated by commas):
  x86-64      Disassemble in 64bit mode
  i386        Disassemble in 32bit mode
  i8086       Disassemble in 16bit mode
  att         Display instruction in AT&T syntax
  intel       Display instruction in Intel syntax
  att-mnemonic
              Display instruction in AT&T mnemonic
  intel-mnemonic
              Display instruction in Intel mnemonic
  addr64      Assume 64bit address size
  addr32      Assume 32bit address size
  addr16      Assume 16bit address size
  data32      Assume 32bit data size
  data16      Assume 16bit data size
  suffix      Always display instruction suffix in AT&T syntax
  amd64       Display instruction in AMD64 ISA
  intel64     Display instruction in Intel64 ISA
Report bugs to .
Let's test some features of the objdump. The arg -t can show the symbol table:
[mythcat@desk fasm]$ objdump -t sum 

sum:     file format elf64-x86-64

SYMBOL TABLE:
no symbols
The arg -d can display selected information from object files by the disassemble file:
[mythcat@desk fasm]$ objdump -d sum

sum:     file format elf64-x86-64

Disassembly of section .init:

0000000000401000 <.init>:
  401000:    f3 0f 1e fa              endbr64 
  401004:    48 83 ec 08              sub    $0x8,%rsp
  401008:    48 8b 05 e9 2f 00 00     mov    0x2fe9(%rip),%rax        # 403ff8 
  40100f:    48 85 c0                 test   %rax,%rax
  401012:    74 02                    je     401016 
  401014:    ff d0                    callq  *%rax
  401016:    48 83 c4 08              add    $0x8,%rsp
  40101a:    c3                       retq   

Disassembly of section .plt:

0000000000401020 :
  401020:    ff 35 e2 2f 00 00        pushq  0x2fe2(%rip)        # 404008 
  401026:    ff 25 e4 2f 00 00        jmpq   *0x2fe4(%rip)        # 404010 
  40102c:    0f 1f 40 00              nopl   0x0(%rax)

0000000000401030 :
  401030:    ff 25 e2 2f 00 00        jmpq   *0x2fe2(%rip)        # 404018 
  401036:    68 00 00 00 00           pushq  $0x0
  40103b:    e9 e0 ff ff ff           jmpq   401020 

Disassembly of section .text:

0000000000401040 <.text>:
  401040:    f3 0f 1e fa              endbr64 
  401044:    31 ed                    xor    %ebp,%ebp
  401046:    49 89 d1                 mov    %rdx,%r9
  401049:    5e                       pop    %rsi
  40104a:    48 89 e2                 mov    %rsp,%rdx
  40104d:    48 83 e4 f0              and    $0xfffffffffffffff0,%rsp
  401051:    50                       push   %rax
  401052:    54                       push   %rsp
  401053:    49 c7 c0 e0 11 40 00     mov    $0x4011e0,%r8
  40105a:    48 c7 c1 70 11 40 00     mov    $0x401170,%rcx
  401061:    48 c7 c7 30 11 40 00     mov    $0x401130,%rdi
  401068:    ff 15 82 2f 00 00        callq  *0x2f82(%rip)        # 403ff0 
  40106e:    f4                       hlt    
  40106f:    90                       nop
  401070:    f3 0f 1e fa              endbr64 
  401074:    c3                       retq   
  401075:    66 2e 0f 1f 84 00 00     nopw   %cs:0x0(%rax,%rax,1)
  40107c:    00 00 00 
  40107f:    90                       nop
  401080:    b8 40 40 40 00           mov    $0x404040,%eax
  401085:    48 3d 40 40 40 00        cmp    $0x404040,%rax
  40108b:    74 13                    je     4010a0 
  40108d:    b8 00 00 00 00           mov    $0x0,%eax
  401092:    48 85 c0                 test   %rax,%rax
  401095:    74 09                    je     4010a0 
  401097:    bf 40 40 40 00           mov    $0x404040,%edi
  40109c:    ff e0                    jmpq   *%rax
  40109e:    66 90                    xchg   %ax,%ax
  4010a0:    c3                       retq   
  4010a1:    66 66 2e 0f 1f 84 00     data16 nopw %cs:0x0(%rax,%rax,1)
  4010a8:    00 00 00 00 
  4010ac:    0f 1f 40 00              nopl   0x0(%rax)
  4010b0:    be 40 40 40 00           mov    $0x404040,%esi
  4010b5:    48 81 ee 40 40 40 00     sub    $0x404040,%rsi
  4010bc:    48 c1 fe 03              sar    $0x3,%rsi
  4010c0:    48 89 f0                 mov    %rsi,%rax
  4010c3:    48 c1 e8 3f              shr    $0x3f,%rax
  4010c7:    48 01 c6                 add    %rax,%rsi
  4010ca:    48 d1 fe                 sar    %rsi
  4010cd:    74 11                    je     4010e0 
  4010cf:    b8 00 00 00 00           mov    $0x0,%eax
  4010d4:    48 85 c0                 test   %rax,%rax
  4010d7:    74 07                    je     4010e0 
  4010d9:    bf 40 40 40 00           mov    $0x404040,%edi
  4010de:    ff e0                    jmpq   *%rax
  4010e0:    c3                       retq   
  4010e1:    66 66 2e 0f 1f 84 00     data16 nopw %cs:0x0(%rax,%rax,1)
  4010e8:    00 00 00 00 
  4010ec:    0f 1f 40 00              nopl   0x0(%rax)
  4010f0:    f3 0f 1e fa              endbr64 
  4010f4:    80 3d 45 2f 00 00 00     cmpb   $0x0,0x2f45(%rip)        # 404040 
  4010fb:    75 13                    jne    401110 
  4010fd:    55                       push   %rbp
  4010fe:    48 89 e5                 mov    %rsp,%rbp
  401101:    e8 7a ff ff ff           callq  401080 
  401106:    c6 05 33 2f 00 00 01     movb   $0x1,0x2f33(%rip)        # 404040 
  40110d:    5d                       pop    %rbp
  40110e:    c3                       retq   
  40110f:    90                       nop
  401110:    c3                       retq   
  401111:    66 66 2e 0f 1f 84 00     data16 nopw %cs:0x0(%rax,%rax,1)
  401118:    00 00 00 00 
  40111c:    0f 1f 40 00              nopl   0x0(%rax)
  401120:    f3 0f 1e fa              endbr64 
  401124:    eb 8a                    jmp    4010b0 
  401126:    66 2e 0f 1f 84 00 00     nopw   %cs:0x0(%rax,%rax,1)
  40112d:    00 00 00 
  401130:    55                       push   %rbp
  401131:    48 89 e5                 mov    %rsp,%rbp
  401134:    66 0f ef c0              pxor   %xmm0,%xmm0
  401138:    f2 0f 10 05 f0 2e 00     movsd  0x2ef0(%rip),%xmm0        # 404030 
  40113f:    00 
  401140:    f2 0f 10 15 e8 2e 00     movsd  0x2ee8(%rip),%xmm2        # 404030 
  401147:    00 
  401148:    f2 0f 58 c2              addsd  %xmm2,%xmm0
  40114c:    48 c7 c0 01 00 00 00     mov    $0x1,%rax
  401153:    48 bf 38 40 40 00 00     movabs $0x404038,%rdi
  40115a:    00 00 00 
  40115d:    e8 ce fe ff ff           callq  401030 
  401162:    48 89 ec                 mov    %rbp,%rsp
  401165:    5d                       pop    %rbp
  401166:    c3                       retq   
  401167:    66 0f 1f 84 00 00 00     nopw   0x0(%rax,%rax,1)
  40116e:    00 00 
  401170:    f3 0f 1e fa              endbr64 
  401174:    41 57                    push   %r15
  401176:    49 89 d7                 mov    %rdx,%r15
  401179:    41 56                    push   %r14
  40117b:    49 89 f6                 mov    %rsi,%r14
  40117e:    41 55                    push   %r13
  401180:    41 89 fd                 mov    %edi,%r13d
  401183:    41 54                    push   %r12
  401185:    4c 8d 25 74 2c 00 00     lea    0x2c74(%rip),%r12        # 403e00 
  40118c:    55                       push   %rbp
  40118d:    48 8d 2d 74 2c 00 00     lea    0x2c74(%rip),%rbp        # 403e08 
  401194:    53                       push   %rbx
  401195:    4c 29 e5                 sub    %r12,%rbp
  401198:    48 83 ec 08              sub    $0x8,%rsp
  40119c:    e8 5f fe ff ff           callq  401000 
  4011a1:    48 c1 fd 03              sar    $0x3,%rbp
  4011a5:    74 1f                    je     4011c6 
  4011a7:    31 db                    xor    %ebx,%ebx
  4011a9:    0f 1f 80 00 00 00 00     nopl   0x0(%rax)
  4011b0:    4c 89 fa                 mov    %r15,%rdx
  4011b3:    4c 89 f6                 mov    %r14,%rsi
  4011b6:    44 89 ef                 mov    %r13d,%edi
  4011b9:    41 ff 14 dc              callq  *(%r12,%rbx,8)
  4011bd:    48 83 c3 01              add    $0x1,%rbx
  4011c1:    48 39 dd                 cmp    %rbx,%rbp
  4011c4:    75 ea                    jne    4011b0 
  4011c6:    48 83 c4 08              add    $0x8,%rsp
  4011ca:    5b                       pop    %rbx
  4011cb:    5d                       pop    %rbp
  4011cc:    41 5c                    pop    %r12
  4011ce:    41 5d                    pop    %r13
  4011d0:    41 5e                    pop    %r14
  4011d2:    41 5f                    pop    %r15
  4011d4:    c3                       retq   
  4011d5:    66 66 2e 0f 1f 84 00     data16 nopw %cs:0x0(%rax,%rax,1)
  4011dc:    00 00 00 00 
  4011e0:    f3 0f 1e fa              endbr64 
  4011e4:    c3                       retq   

Disassembly of section .fini:

00000000004011e8 <.fini>:
  4011e8:    f3 0f 1e fa              endbr64 
  4011ec:    48 83 ec 08              sub    $0x8,%rsp
  4011f0:    48 83 c4 08              add    $0x8,%rsp
  4011f4:    c3                       retq 
The arg -h can show some debug sections from file:
[mythcat@desk fasm]$ objdump -h sum 

sum:     file format elf64-x86-64

Sections:
Idx Name          Size      VMA               LMA               File off  Algn
  0 .interp       0000001c  00000000004002a8  00000000004002a8  000002a8  2**0
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  1 .note.ABI-tag 00000020  00000000004002c4  00000000004002c4  000002c4  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  2 .note.gnu.build-id 00000024  00000000004002e4  00000000004002e4  000002e4  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  3 .gnu.hash     0000001c  0000000000400308  0000000000400308  00000308  2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  4 .dynsym       00000060  0000000000400328  0000000000400328  00000328  2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  5 .dynstr       00000049  0000000000400388  0000000000400388  00000388  2**0
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  6 .gnu.version  00000008  00000000004003d2  00000000004003d2  000003d2  2**1
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  7 .gnu.version_r 00000020  00000000004003e0  00000000004003e0  000003e0  2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  8 .rela.dyn     00000030  0000000000400400  0000000000400400  00000400  2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
  9 .rela.plt     00000018  0000000000400430  0000000000400430  00000430  2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 10 .init         0000001b  0000000000401000  0000000000401000  00001000  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 11 .plt          00000020  0000000000401020  0000000000401020  00001020  2**4
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 12 .text         000001a5  0000000000401040  0000000000401040  00001040  2**4
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 13 .fini         0000000d  00000000004011e8  00000000004011e8  000011e8  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, CODE
 14 .rodata       00000010  0000000000402000  0000000000402000  00002000  2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 15 .eh_frame_hdr 00000034  0000000000402010  0000000000402010  00002010  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 16 .eh_frame     000000c8  0000000000402048  0000000000402048  00002048  2**3
                  CONTENTS, ALLOC, LOAD, READONLY, DATA
 17 .init_array   00000008  0000000000403e00  0000000000403e00  00002e00  2**3
                  CONTENTS, ALLOC, LOAD, DATA
 18 .fini_array   00000008  0000000000403e08  0000000000403e08  00002e08  2**3
                  CONTENTS, ALLOC, LOAD, DATA
 19 .dynamic      000001e0  0000000000403e10  0000000000403e10  00002e10  2**3
                  CONTENTS, ALLOC, LOAD, DATA
 20 .got          00000010  0000000000403ff0  0000000000403ff0  00002ff0  2**3
                  CONTENTS, ALLOC, LOAD, DATA
 21 .got.plt      00000020  0000000000404000  0000000000404000  00003000  2**3
                  CONTENTS, ALLOC, LOAD, DATA
 22 .data         00000020  0000000000404020  0000000000404020  00003020  2**4
                  CONTENTS, ALLOC, LOAD, DATA
 23 .bss          00000008  0000000000404040  0000000000404040  00003040  2**0
                  ALLOC
 24 .comment      0000002c  0000000000000000  0000000000000000  00003040  2**0
                  CONTENTS, READONLY
 25 .gnu.build.attributes 00000558  0000000000406048  0000000000406048  0000306c  2**2
                  CONTENTS, READONLY
This is just a part from all commands and tools that handle assembly files.

Friday, November 2, 2018

Fedora 28 : Create a ISO image with stage2 and kernel ELF .

The tutorial for today solves the problem of creating an ISO image.
This image can be run and test with QEMU tool emulator like any ISO CDROM image.
You can build your kernel with any assembler and use this steps to test it.
I used the FASM assembly tool. Into my fasm folder I create these folders:
[mythcat@desk fasm]$ mkdir -p iso/boot/grub
You need a stage2 file known like: stage2_eltorito.
This file uses the El Torito is a specification for bootable CD using BIOS functions.
The GRUB supports the no emulation mode in the El Torito specification.
El Torito file booting begins by the Boot Record of the ISO 9660 filesystem at block address 0x11.
You can get this file from your Linux distro of you can find installed into old GRUB.
Put this file into grub folder:
[mythcat@desk fasm] cp /usr/lib/grub/i386-pc/stage2_eltorito  iso/boot/grub/
Use fasm tool with your kernel and use this commands to create the ISO file:
[mythcat@desk fasm]$ ./fasm kernel.asm 
flat assembler  version 1.73.04  (16384 kilobytes memory)
2 passes, 16756 bytes.
[mythcat@desk fasm]$ cp kernel.o iso/boot/kernel.k
[mythcat@desk fasm]$ cat > iso/boot/grub/menu.lst << EOF
> default 0
> timeout 1
> title fasm multiboot
> kernel /boot/kernel.k
> EOF
[mythcat@desk fasm]$ genisoimage -R -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 4
 -boot-info-table -o mykernel.iso iso

I: -input-charset not specified, using utf-8 (detected in locale settings)
Size of boot image is 4 sectors -> No emulation
Total translation table size: 2048
Total rockridge attributes bytes: 920
Total directory bytes: 4096
Path table size(bytes): 34
Max brk space used 24000
241 extents written (0 MB)
Now you can test the result:
[mythcat@desk fasm]$ qemu-system-i386 -cdrom mykernel.iso
This is result of my kernel:

Sunday, October 28, 2018

Fedora 28 : The edb debugger.

Today I tested one debug for assembly language.
I used FASM programming language because is very flexible.
The main goal was to find a good debugger and I try the edb debugger.
If you try to use the Fedora dnf tool then you get an older version of this debugger.
[root@desk mythcat]# dnf install edb.x86_64

Because this package is old I try to compile it from source code from github.
Let's see this steps:
[mythcat@desk fasm]$ git clone --recursive https://github.com/eteran/edb-debugger.git

Cloning into 'edb-debugger'...
remote: Enumerating objects: 192, done.
remote: Counting objects: 100% (192/192), done.
...
[root@desk mythcat]# dnf install git make qt5-devel gcc gcc-c++ boost-devel cmake capstone-devel
...
[mythcat@desk edb-debugger]$ mkdir build
[mythcat@desk edb-debugger]$ cd build

[mythcat@desk build]$ cmake ..
-- Boost version: 1.66.0
-- Checking for module 'capstone>=3.0.4'
--   Found capstone, version 3.0.5
-- Checking for module 'libgvc>=2.38.0'
--   Package 'libgvc', required by 'virtual:world', not found
-- Checking for module 'double-conversion'
-- Looking for C++ include double-conversion/double-conversion.h
-- Looking for C++ include double-conversion/double-conversion.h - not found
CMake Warning at CMakeLists.txt:56 (message):
  libdouble-conversion header wasn't found.  32- and 64-bit floating-point
  values will be showed with max_digits10 digits of precision instead of
  shortest representation.


-- Checking for module 'gdtoa-desktop'
--   Package 'gdtoa-desktop', required by 'virtual:world', not found
CMake Warning at CMakeLists.txt:113 (message):
  gdtoa-desktop package wasn't found.  80-bit floating-point values will be
  showed with max_digits10 digits of precision instead of shortest
  representation.


-- Configuring done
-- Generating done
-- Build files have been written to: /home/mythcat/fasm/edb-debugger/build

[mythcat@desk build]$ make
Scanning dependencies of target edb_autogen
...
You can see the executable file named edb into the build folder.
Just run it and the debugger starts.
Into the next image you can see a simple executable run into this debugger: