  #1  
Old 04-19-2004, 04:14
dcow
 
Posts: n/a
How to learn Assembly

I'm trying to learn hacking starting with assembler. Is Randy Hyde's Art of Assembly a good way to go or should I go just with straight MASM syntax? Also, in a general way, how is a checked version of Windows useful?

dcow
  #2  
Old 04-20-2004, 05:41
Nilrem
 
Posts: n/a
Can't believe this hasn't been locked yet, well actually it really does all depend on what you mean by the term 'hacking', do you want to learn how to take apart your system and secure it?

Well anyways... if you want to learn Assembly, the book AoA (Art of Assembly) is really the way to go, if you want to learn win32asm (programming windows applications in asm (assembly)), then check out hxxp:///win32assembly.online.fr/
The AoA can be found at (I recommend the 16bit version and not the 32bit version due to HLA):
hxxp://webster.cs.ucr.edu/
  #3  
Old 04-20-2004, 06:54
Satyric0n
 
Posts: n/a
Quote:
Originally Posted by Nilrem
I recommend the 16bit version and not the 32bit version due to HLA
I 2nd this. While the 16bit book was excellent, I don't know what the author was thinking with the 32bit book, using HLA. It really ruined what could have been an excellent sequel.

The 16bit book is very DOS-centric (obviously), but if you start getting confused, just ignore the INTs at first and pay attention to the general syntax/rules.

Regards,
Satyric0n
  #4  
Old 04-20-2004, 10:00
dcow
 
Posts: n/a
Hoping for best of both worlds.

Quote:
Originally Posted by Satyric0n
I 2nd this. While the 16bit book was excellent, I don't know what the author was thinking with the 32bit book, using HLA. It really ruined what could have been an excellent sequel.
Satyric0n
I have the Irvine book for MASM syntax and issues. I was thinking that the HLA stuff would minimize the scut and maximize the amount of technique I could absorb.

Thanks for the reply.
dcow
  #5  
Old 04-21-2004, 03:47
WobblyBottom
 
Posts: n/a
http://spiff.tripnet.se/~iczelion/

Plenty of asm tuts.
  #6  
Old 04-21-2004, 13:46
ibro ibro is offline
Friend
 
Join Date: Jan 2004
Posts: 40
Rept. Given: 3
Rept. Rcvd 8 Times in 5 Posts
Thanks Given: 0
Thanks Rcvd at 1 Time in 1 Post
ibro Reputation: 8
Thumbs up

http://wasm.ru/
The best asm site I've ever seen...but in russian
  #7  
Old 04-20-2004, 09:49
dcow
 
Posts: n/a
What I meant by hacking

Quote:
Originally Posted by Nilrem
Can't believe this hasn't been locked yet, well actually it really does all depend on what you mean by the term 'hacking', do you want to learn how to take apart your system and secure it?
I have two goals here. I come from a UNIX background rather than from the Windows world. I gained much of my success in this world as a sysadmin because I was willing to explore the system at the deepest level available to me. When Linux and its source came out I moved in that direction because I continued to have access to the deepest internals of the system.

Windows is clearly different. The excellent Solomon texts take you a good chunk of the way but they are necessarily limited as to the topics they cover. Understanding what software is doing in the Windows world appears to require looking at disassembled code segments and learning from this what the code is attempting to do. Debuggers, disassemblers, folk lore, and gnostic peerings into a system that is only exposed in that way is not optimum but it appears to be the only way in Windows.

We are a small shop and we are a mixed environment consisting of UNIX (HP-UX, RH AS 2.1 and 3.0 and Windows 2000 server). Because I don't know the Windows stuff well my troubleshooting skills are weak in that world. Frequently I wind up trying to determine where problems might be in a chain that includes HP-UX, Oracle, Apache, Forms Server, TCF Framework, network, Windows 2K, IE Explorer and Jinitiator. The last 3 pieces are on Windows and I just don't know the techniques for getting inside the process and figuring out what happened. Why, for instance, does IE 6 work from a desktop and produce a very strange error when the same laptop is taken home and run through a proxy based security product. Moving backwards to IE 5 solves the problem, but again why????? If you don't know the OS and you can't trace things you will never know. That's just one example.

So by hacking I mean a) understanding of the OS and b) good skills for debug trace and fix.

I was hoping that a checked version of Windows was a compilation of the system with debugging turned on.
  #8  
Old 04-22-2004, 12:33
nulli nulli is offline
VIP
 
Join Date: Nov 2003
Posts: 176
Rept. Given: 42
Rept. Rcvd 22 Times in 12 Posts
Thanks Given: 63
Thanks Rcvd at 84 Times in 56 Posts
nulli Reputation: 22
What is this foul word I hear? You want to learn assembly because you want to hack? Ohh my god! Sorry but that's something I would expect from a skript kiddie's mouth.

Programming in assembly is for the people who have a love for processors and their instruction sets. Not because you want to do hacking. Oh well.. if that is all you want to do feel free to go ahead. But the road to assembly is long and hard. Can you stick with it?

Here are some links to settle your curiosity:
http://www.masmforum.com/
http://board.win32asmcommunity.net/
http://board.win32asmcommunity.net/showthread.php?threadid=8984

You wanted to learn assembly.. well above are the best forums.. they however do not like hacking/cracking/blah.. topics. So choose your words carefully.
  #9  
Old 04-22-2004, 14:33
JMI JMI is offline
Leader
 
Join Date: Jan 2002
Posts: 1,627
Rept. Given: 5
Rept. Rcvd 199 Times in 99 Posts
Thanks Given: 0
Thanks Rcvd at 98 Times in 96 Posts
JMI Reputation: 100-199 JMI Reputation: 100-199
Actually, learning assembly language is a fairly essential skill because it is what is displayed in the debugger for most programming languages. Yes, I know that there are exceptions, but the majority of what one sees when using the standard debuggers is assembly language.

That said, it is not necessary that one actually learns how to "program" in assembly language, although it is certainly an advantage. However, what one needs to know is at least how to recognize assembly language code and have some basic understanding of what the code is telling you it is doing. You may not recognize that the assembly is setting up some procedure using or not using some API or another, but you better well recognize what the operand instructions are telling you is happening with the code.

By this, I simply mean you need to recognize and understand the use of registers to store information and pointers and many other things of interest to the reverser. If one does not understand what the various instructions actually do to whatever they are manipulating, one has little chance of figuring out what to look for and/or how it might be changed to make the desired result happen. This means it is fairly essential that one have a working understanding of the mnemonics displayed in SICE and/or OllyDbg and/or WinDBG, or whatever.

Without the understanding, one can not expect to even recognize what the debugger displays, let alone where, or how to change it, beyond following, by rote, someone else's tutorial, step by step. That is not actually learning anything, other than how to follow a receipt, such as from a cook book. One is not really learning how to cook, one is only learning how to follow what the cook said to do to make that particular thing the exact same way he/she said to make it.

There are many sources available on the net to acquire such basic knowledge "of" assembly language, aside from the acquiring of the knowledge of how to actually "program" in that language.

Works such as:

Iczelion's Win32 Assembly Tutorial Series; The Art of Assembly Language Programming; Assembly for Crackers; Assembly Language Reference by Dr. ME!; The cRACKER's n0TES

are but a few of those readily available sources for acquiring some basic knowledge and but a small part of the reference files I maintain on my computer archive. There are many more, as any simple search using "assembly language + tutorial" will find.

There is really very little substitute in Reverse Engineering for actually starting "at the beginning" and learning the basics of what the code is telling you when you look at it in the debugger. That is the primary tool and the primary method used to do this work and failure to spend the time necessary to acquire a basic understanding of these issues is a substantial impediment to further skill development.

Regards,
__________________
JMI

Last edited by JMI; 04-22-2004 at 14:45.
  #10  
Old 04-25-2004, 01:00
dcow
 
Posts: n/a
How history changes things

Quote:
Originally Posted by nulli
What is this foul word I hear? You want to learn assembly because you want to hack? Ohh my god! Sorry but that's something I would expect from a skript kiddie's mouth.

Programming in assembly is for the people who have a love for processors and their instruction sets. Not because you want to do hacking. Oh well.. if that is all you want to do feel free to go ahead. But the road to assembly is long and hard. Can you stick with it?
This board is entirely about hacking in the sense of your second paragraph. Hacking is to know the machine and its software to such an extent that you can give the machine capabilities beyond the mundane, or that your skills are such that you can resolve problems that others cannot completely understand.

BTW, thanks for the links. Incidentally, I started on the software side of things by programming self test diagnostics into ROM for circuit cards. All this was done in assembly of course, just not Intel assembly. And of course there was no such thing as Windows. So while the learning curve is long (including the Win32 API) I do at least have the basics.

dcow
  #11  
Old 04-26-2004, 13:49
nulli nulli is offline
VIP
 
Join Date: Nov 2003
Posts: 176
Rept. Given: 42
Rept. Rcvd 22 Times in 12 Posts
Thanks Given: 63
Thanks Rcvd at 84 Times in 56 Posts
nulli Reputation: 22
Quote:
Originally Posted by dcow
This board is entirely about hacking in the sense of your second paragraph. Hacking is to know the machine and its software to such an extent that you can give the machine capabilities beyond the mundane, or that your skills are such that you can resolve problems that others cannot completely understand.

BTW, thanks for the links. Incidentally, I started on the software side of things by programming self test diagnostics into ROM for circuit cards. All this was done in assembly of course, just not Intel assembly. And of course there was no such thing as Windows. So while the learning curve is long (including the Win32 API) I do at least have the basics.

dcow
The day I wrote that I had been up for 48 hours straight and I was generally a little pissed off about some things. Anyhow.. I know what this board is about. However, learning assembly just because you want to hack/reverse engineer is usually not a good starting point.

In my experience people who start in that direction don't come very far in the end of things. I started out with Basic and then Visual Basic before I turned to Assembly. The reason I started was because the Basic language was too simplistic and I didn't like C either. Now I've been programming in Assembly for 3 years and my love for this language grows each day.

Assembly isn't really that hard to learn if you got the right head for it. But that depends on what's inside it. I wish you good luck in the world of assembly. Maybe you'll need it, maybe you won't.

greets, nulli
  #12  
Old 04-27-2004, 04:33
dcow
 
Posts: n/a
Workin Along...

Thanks Nulli,

things are going along with assy. I registered over at masm forum which looked like a good place. I'm using HLA and Ollydebug to get started. What I want to do is to use Kaspersky's book on Hacker Disassembling to make the link to HLLs. With practice and knowledge of Win32 API I should be able to get along pretty well in figuring out how Win and IE interact to run Ora Fin Apps which is my end goal.

Later
  #13  
Old 04-27-2004, 15:12
Nilrem
 
Posts: n/a
dcow don't use HLA, search around here or on the net and you will see why, or even alternatively, ask at the masm forum.
  #14  
Old 04-29-2004, 15:09
gooboo
 
Posts: n/a
It is a basic question.
I know latest version masm is v8.x, and can get it from some sites.
Is there any relation with M$? Masm V6.x was distributed with DDK from M$.
  #15  
Old 04-30-2004, 08:51
reggae
 
Posts: n/a
Dcow, I also come from a unix background. I've done assembly with nasm/gdb, mostly for shellcodes, injection libraries and such.

I've just begun doing some windows stuff. The assembly is of course the same, but the way to access the system is different. For example in Unix the system calls are set in stone, whereas in windows you have to use api calls thru dlls.