1

I am going through the book Hacking : The Art of Exploitation which uses 32bit assembly, and my machine is 64 bit. Now I understand that's not a great thing, but this is the question.

As I debug this program,

  Reading symbols from ./a.out...
(gdb) break main
Breakpoint 1 at 0x113d: file first.c, line 6.
(gdb) run
Starting program: /home/kingvon/Desktop/asm/a.out 

Breakpoint 1, main () at first.c:6
6               for(i=0; i < 10; i++){
(gdb) x/3i $rip
=> 0x55555555513d <main+8>:     movl   $0x0,-0x4(%rbp)
   0x555555555144 <main+15>:    jmp    0x555555555156 <main+33>
   0x555555555146 <main+17>:    lea    0xeb7(%rip),%rdi        # 0x555555556004

this is what I see on my machine(64 bit),

0x55555555513d <main+8>:     movl   $0x0,-0x4(%rbp)

but in the example(32 bit) given it says:

0x55555555513d <main+8>:     mov   DWORD PTR [ebp-4],0x0

From reading the 32 bit assembly it is quite clear that this should mean that the machine will move the value of 0 into memory location stored in the EBP register minus 4. I am aware both instructions do the same things, but I feel the 64 instruction does not look like what it really means. How can the 64 instruction interpreted/worded? I am aware that the register names are different on 64 bit

Peter Cordes
  • 328,167
  • 45
  • 605
  • 847
raincouver
  • 61
  • 7
  • 2
    The main difference between the two instructions you’ve shown is not because one is 32 bit and one is 64 bit, but that one is AT&T syntax and one is Intel syntax. The operands are reversed and the percent signs, dollar signs, and the words “dword ptr” are distinguishing features. – prl Jan 08 '21 at 07:27
  • @prl Book also states to set to intel which I have done, but gdb stays at&t... I've tried `echo "set disassembly-flavor intel" > ~/.gdbinit` and checked file, which says it is set to intel, but gdb keeps printing in at&t..... edit - typo in .gdbinit, gdb now prints in intel – raincouver Jan 10 '21 at 01:38

1 Answers1

5

Probably easiest to just build 32-bit executables so you can follow the book more closely, with gcc -m32. Don't try to port a tutorial to another OS or ISA while you're learning from it, that rarely goes well. (e.g. different calling conventions, not just different sizes.)

And in GDB, use set disassembly-flavor intel to get GAS .intel_syntax noprefix disassembly like your book shows, instead of the default AT&T syntax. For objdump, use objdump -drwC -Mintel. See also How to remove "noise" from GCC/clang assembly output? for more about looking at GCC ouptut.

(See https://stackoverflow.com/tags/att/info vs. https://stackoverflow.com/tags/intel_syntax/info).

Both instructions are a dword store of an immediate 0, to an offset of -4 relative to where the frame pointer is pointing. (This is how it implements i=0 because you compiled with optimization disabled.)

Peter Cordes
  • 328,167
  • 45
  • 605
  • 847
  • I've tried -m32, but gcc spits out `/usr/include/stdio.h:27:10: fatal error: bits/libc-header-start.h: No such file or directory 27 | #include `. – raincouver Jan 08 '21 at 02:31
  • 2
    @raincouver: so install your distro's `gcc-multilib` package or whatever it calls it, like Arch's `lib32-gcc-libs`. (Without it, you can build and link pure asm static executable where you write your own `_start` and don't link any libraries, but everything else will need `/usr/lib32/libc.so` and so on, and yeah the 32-bit headers to even compile.) – Peter Cordes Jan 08 '21 at 02:37
  • I have set gdb to intel and edited .gdbinit to intel but gdb just won't change to intel. Edit- I have made a typo in .gdbinit, problem is now fixed – raincouver Jan 10 '21 at 01:39