CODEWITHSUNDEEP
assembly
Joe
Joe

Reputation: 21

Writing instructions in assembly code using hexadecimal

I know the following syntax is a normal assembly code in x86:

.text
   .globl _strat
_start:
   push %rbp
...

But I have came across the following code snippet and don't really understand it. Are these instructions represented in hex?

.text
   .globl _start
start:
.QWORD 0xc874b6f63392f085,0x3beac554c8f10c52,0x848,0x8600000004c,0x8c00000004c,0x920000001f4
...

what is each , representing? is this a list of instructions combined in one line?

Upvotes: 2

Views: 1548

Answers (1)

prl
prl

Reputation: 12455

I have a disassembler that I wrote that allows pasting a memory dump into it. But you can use objdump to disassemble code. Here's how I used objdump to disassemble that.

First, I created a binary file with those contents, by running the following program. (There are probably easier ways; this is what I chose.)

$ cat b.c
#include <stdint.h>
#include <stdio.h>

int main()
{
    static const uint64_t s[] = { 0xc874b6f63392f085,0x3beac554c8f10c52,0x848,0x8600000004c,0x8c00000004c,0x920000001f4 };
    fwrite(s, 1, sizeof s, stdout);
    return 0;
}

$ cc b.c
$ a.out > bin
$ objdump -D -b binary -m i386 -M intel bin
bin:     file format binary
Disassembly of section .data:

00000000 <.data>:
   0:   85 f0                   test   eax,esi
   2:   92                      xchg   edx,eax
   3:   33 f6                   xor    esi,esi
   5:   b6 74                   mov    dh,0x74
   7:   c8 52 0c f1             enter  0xc52,0xf1
   b:   c8 54 c5 ea             enter  0xc554,0xea
   f:   3b 48 08                cmp    ecx,DWORD PTR [eax+0x8]
  12:   00 00                   add    BYTE PTR [eax],al
  14:   00 00                   add    BYTE PTR [eax],al
  16:   00 00                   add    BYTE PTR [eax],al
  18:   4c                      dec    esp
  19:   00 00                   add    BYTE PTR [eax],al
  1b:   00 60 08                add    BYTE PTR [eax+0x8],ah
  1e:   00 00                   add    BYTE PTR [eax],al
  20:   4c                      dec    esp
  21:   00 00                   add    BYTE PTR [eax],al
  23:   00 c0                   add    al,al
  25:   08 00                   or     BYTE PTR [eax],al
  27:   00 f4                   add    ah,dh
  29:   01 00                   add    DWORD PTR [eax],eax
  2b:   00 20                   add    BYTE PTR [eax],ah
  2d:   09 00                   or     DWORD PTR [eax],eax
        ...

Upvotes: 4

Related Questions