1

I am learning FASM at the moment.

I havent found any books about FASM except documentation on the flatassembler.net

FASM = Flat Assembler

MASM = Macro Assembler

TASM = Turbo Assembler

All the old books(really old,since 199x,i found it from my college libary,seems many years no one touch it) about Assembler that i found and read is using MASM or TASM as code example,even solution for exercise,they use TASM/MASM

So that i just confuse that can i still read that Exercise Book (use TASM/MASM) and its code example to learn FASM?

Also if you know any good book/exercise books/course that use FASM for example code,please tell me

Thanks all fellow coders,

Tuan Linh

quantummind
  • 2,086
  • 1
  • 14
  • 20
Tuấn Linh
  • 11
  • 2
  • The differences are in directives, macro syntax, that sort of thing. Not something you'd need a whole book for. – harold Nov 14 '16 at 17:02
  • The differences between FASM and TASM are "small" for seasoned ASM programmer, but in the beginning they may be confusing. Especially if the TASM examples are written in "MASM quirk" way, and not in the TASM "ideal" mode (closer to original Intel syntax). Try to follow the FASM online docs and TASM book at the same time, it may work for you. I would avoid full MASM-like sources using it's quirk syntax (I don't like it). Also NASM tutorials may work quite well for FASM, once you know some basics about FASM directives, so you can tell where you have to adjust. – Ped7g Nov 14 '16 at 17:13
  • Thanks you @Ped7g . I am learning assembly for my cyber security career.So that i chose FASM because it is low-level assembly...which is have syntax familiar with original intel syntax. – Tuấn Linh Nov 14 '16 at 17:54
  • But i havent learn MASM.how can i know that my TASM code example in book is coded in quirk syntax(which is MASM syntax = high - level assembly syntax) (Note that i learn assembly to learning RE,Exploit research,etc in cyber security feild,which often use intel syntax,not much interested in coding...) – Tuấn Linh Nov 14 '16 at 17:56
  • If it does use things like `label_name dd 12345` and then in the code it reads the value like `mov eax,label_name`, omitting the `[]` to mark memory content access, that's MASM speciality (plus TASM emulation of MASM). In NASM that one would load `eax` with memory address, not value. In MASM/TASM you must write `mov eax,OFFSET label_name` to get the same behaviour. If you see in examples `[]` around "variables", it's probably good enough to try from start. If not, proceed with caution. Eventually get old MASM DOS exe, compile the example, and check it with debugger with Intel syntax. – Ped7g Nov 14 '16 at 18:03
  • I don't see how you will learn "reading" ASM *well* without writing some code, plus as security researcher you will have to create some proof of concept exploit code, so you will have not only be able to write ASM code, but also encode it properly to form a payload for the found attack vector. So I'm sure you will end up writing more ASM code than your comment sounds like. (BTW: about TASM one more time. If the source contains directive `.Ideal`, it's good sign as well, you may actually try to google it, maybe you will run into some nice summary of differences with it). – Ped7g Nov 14 '16 at 18:08
  • Bad for me...i think it use qirk syntax...here is the sample in the book to print the string to console [link]https://codetidy.com/9574/ . and here is my fasm that i coded [link] https://codetidy.com/9567 . in my fasm code,when i load it into IDA debugger,yes,like you said,it use mov eax,123h (memory address) instead of mov,hello . Also i have quick read through book,look at code example but havent found any .ideal yet – Tuấn Linh Nov 14 '16 at 18:12
  • And I would avoid macros for start, I think reading all instructions is simpler for somebody learning. Also as RE/security researcher you will never meet macros. That TASM macro is OK, using "OFFSET" to extract address, that's not the problematic part, you simply remove it when using FASM. Problem would be with code like `mov dx,number`, which MASM compiles as `mov dx,[number]`, but FASM will stick to Intel syntax, so using the value of `number` symbol (= address) and compiling it to `mov dx,imm16`. – Ped7g Nov 14 '16 at 18:16
  • Also i found that in TASM example to print "Hello World!" to console,they use mov ds,ax . But in FASM they use push cs, pop ds. What this instruction mean? I mean only that two instruction is different,and other instruction like mov ah,9 and int 21h (9th function of int 21h of DOS) or mov dx,str is same – Tuấn Linh Nov 14 '16 at 18:29
  • ah sorry i understand push cs, pop ds = mov ds,cs . But i still not understand why we need do that? why we need ES = DS = CS? – Tuấn Linh Nov 14 '16 at 18:38
  • @TuấnLinh: Well, no! `push cs; pop ds` is `mov ax, cs; mov ds, ax`, because segment registers/selectors can only be copied from/to GPRs. – zx485 Nov 14 '16 at 23:19
  • I think because in my FASM code,it is multi segment type.Which it will put data like Hello db "Hello World!" in data segment and other stuff like mov ah,9 int 21h etc in code segment. So that we must put stuff in cs to ds – Tuấn Linh Nov 15 '16 at 06:37
  • Yes, `push cs` `pop ds` is like `mov ds,cs` (x86 has no opcode for this combination, that's why either stack or `ax` is used to load the `ds` with new value). In real mode when accessing memory by `[...any legal expression...]`, the CPU will use one of segment registers to expand the 16b offset calculated by expression into full 20b physical memory address. Which segment register is used depends: 1) segment prefix was used ahead of instruction (`mov al,[es:bx]` is legal => compiles as `mov al,[bx]` prefixed with "use ES" opcode. 2) on the expression (`bp`/`sp` uses `ss`, other use mostly `ds`) – Ped7g Nov 20 '16 at 00:14

0 Answers0