 What's going on everybody, my name is John Hammond and in this video I'm on Arch Linux, that's a new thing and I wanted to try out just a little bit of programming and assembly because I'm getting ready for my OSCE or Offensive Security Certified Expert and I'm going to need to be doing a lot of shell coding and low-level programming and a little bit of assembly and C. So I figured, hey, let's break the ice, I'm going to see if I can show you because I'm still learning and I figured the best way to learn is to be able to teach it how I can write an assembly program to simply do that, Hello World, the classic, every programmer's got to do it, so let's dive in. I'm going to be using Vim as my text sitter because I am trying to move into that realm, VimHelloWorld.asm, I'm just going to use a .asm extension here and I'm going to note a couple comments, you can specify a comment with just a semicolon, so I'm just going to say HelloWorld.asm, just note myself here and then a little bit of the date, so whatever, nice formalities and it looks like Teamux is telling me nice down at the very bottom there, it is October 3rd, 2019, so cool. Now, what I need to be able to set up is defining the sections that are necessary for this assembly program to run, so the syntax to do that is simply just the word section and then you'll have to specify what section you want to actually create, they're prefixed with the period and .text is actually all the program instructions and the actual code that you want to actually have happen and run. We'll end up creating another section for .data and data will be where we can kind of define our variables or little labels that we use throughout the program, so what I'm actually going to do is create a variable, I'll call this message, you can call it really whatever you want, but again that's going to be noted with a colon following it and we need to specify kind of like a type or a way that we can define that from what I understand, right? I'm waiting on you guys to let me know what I'm failing at, so please leave me a comment what the heck I'm doing wrong, I'm here to learn. So db is what we use to define bytes and then I'm just going to end up using these double quotes to define a string, I'll say Hello World, exclamation points and what I'm actually going to do after this is I'm going to supply a little argument with a comma and I'm going to supply another value and it's going to be an hex, so I'm going to represent a 0x here and I'm going to supply an A and that 0xA is a new line character and if you don't believe me we can actually go take a look at that in another terminal up here, I'm just going to fire up Python real quick, what I have in 0xA is an ASCII or I guess in base 10, right? That's going to be the number 10 as it is in hex, so we can actually go check out the value of that CHR, I'm just going to run that on 0xA, so hexA and that's a new line, it's that backslash n, I tested this, I played with it where I just tried to include that backslash n inside the string, but that didn't work so well, so let's just keep moving with that 0xA. All right, now I want to be able to actually keep track of the message length, what you can do just to work with that is count it out if you really want to, okay there are five letters in the words hello, six with the space, another five for worlds, that puts us at 11 and the exclamation point can be like whatever, a 12 character or what we could do, I mean it might be 13 if we include that new line and what we could do is actually specify, hey I want to set that equal to and then the length with a weird notation, a dollar sign hyphen on that variable and NASM or what we'll end up using to actually boil this down into an object file that we can link and make an executable with, NASM will understand that to represent the length of that variable and value, so okay, now let's move up to our .tech section and let's actually go ahead and start to write this out and display it on the screen, the way that we're going to do that in a low level hardcore on the processor stuff is with a sys call or a system call, that way we can interact with the kernel and that low level operating system level really simply and really easily, I'm not going to go in the depth on what these sys calls are made up of or how they work, maybe that's for another video but I need to learn up on that myself, I'm excited to see your resources, maybe what you can do to help me learn, but I want to show you what all of these actual sys calls are and what we can end up using and how we could use them, they're represented just by a little number, so I'm going to go ahead and create a new pane so I can show you where you can find those because they're stored in or at least they're kind of noted and included in a header file that you might see within C, that's kind of weird, it's unistandard32.h, I'm going to be writing a 32 but executable because I'm trying to learn that first, so let's do that and locate could track that down for me, if you don't have locate, again I'm on arch, that's pacman sym locate is the package name for that, but we can just simply actually check out that file and see what we have to work with here, so let me do that and we'll see a couple of our sys calls, there is exit which is just noted as the number one and what we're going to end up using to actually get this to display on the screen is that right sys call, that's going to be number four here, so what we want to have our program do is simply write out the hello world message on the screen and then gracefully exit, so let's get to that, now that we know that's the number of the sys call that we want, we need to actually put it into those general purpose registers that allow assembly to work with it and run it, so what I'm going to do is move MOV is that instruction and I'm using Intel syntax here right, so EX that register, we're actually going to move the number of the sys call that we want to run, so I'm going to use zero x four because that's right as we just saw and if you need to look at some others you can just use that as a reference, I'm just going to say use the write sys call and a little comment here and now we need to supply all of the other arguments that might come with that sys call in the following registers, so ebx, ecx, edx and I think then we go to like esi and edi, is that a thing? I might be wrong, I'm waiting for your feedback. Alright, so if you want to check out what those arguments and parameters need to be, again I'm just going to fire up another terminal here, if I can get Tmux to work with me, I'm learning, we can check out the man page for write and I'm going to use two as index here to get the Linux programmers manual, it says write, we'll write to a file descriptor, nice, easy and the arguments that it takes are the file descriptor so that will have to be filled into ebx and our file descriptor in the case of standard out is just going to be number one and then we need to know the actual buffer or the string that we want to display and how many bytes that we need to supply or the count, how many bytes are in that string, in that buffer, that's going to be our other argument, so ebx will be our file descriptor, ecx will be our buff and edx will be the count. Note that after you call the sys call, it's going to end up populating the eax register with the return value, since we're just writing the screen maybe we don't care about it all that much, but for your reference, now you know when you run a sys call, it'll fill in that value in eax, that return value, so cool. Let's go ahead and fill that in now, we can supply our arguments, one will just be use standard out as the file descriptor and then we need to know the buffer that we're going to work with, oh sorry that should have been good catch, ecx needs to be that buffer that we're going to work with and I created that variable as simply message, so use the message as the buffer, nice and easy, and then let's actually include that message length, so let me move over my comments a little bit, there we go, and supply the message length, whatever, if I could type. Now that we've got all that set up, we need to actually invoke the sys call or run it, so the way that we can do that is int 0x80, int I think is interrupt, right, and then 0x80 should be the identifier or hex value for running a sys call. Okay, so now we would display that out on the screen and we have some dynamic understanding of what the length of our variable is, so that's pretty handy for us, now we need to gracefully exit the program, so as we saw in that unistandard 32.h file, that exit sys call is number one, so with that methodology, using eax as the register to specify what sys call we're going to run, how would we do that? Well okay, if we want to exit, we'll just set eax to 0x1, I'm going to use hex here just to kind of denote that, I think it's a good practice maybe, and that syntax move eax, that comma is really all those operands that will give to that move instruction, the opcode there, and it needs, if we were to take a look at that man page, we can fire it up, it needs a return value, and you can specify really whatever you want here, you could specify like 10, it just needs to be able to see that and watch it execute, but normally you'll see like a return zero at the very end of a C int main function, because if it returns zero, that means success, that means everything executed properly, so now let's go ahead and run that with our int 0x80, I'll include a little comment here, invoke the sys call, and maybe if you want to just include a comment, now gracefully exit, so, I think that looks good, I think we got just about everything that we need, oh I'm totally wrong, I'm sorry, we don't have everything we need, we need to actually specify the label, or kind of like a function that we're going to end up using to really run this program, I mentioned int main and C, but we need to go to level lower than that, we need to specify underscore start as really how we're going to end up running all of this, so that's simply underscore start, and then a colon to denote okay, this is what we will run, and we need to specify that also at the very, very top, we're going to end up using global underscore start, so that is that syntax, now we have the data section that defines our variables for us, we have the text section that will actually run this program and evaluate it, go through and procedurally do that, run our right sys call with the proper arguments, run our exit sys call with the proper arguments, and we are all set up, so let's go ahead and compile this, I am going to break out of this, and the way that we compile is with NASM, I think that's a quick and easy pretty handy and good assembly, it's not, what's the right word for that, creating the object file, I need your help, so the way that we can actually go ahead and run that is by running NASM with tack f, and I want to specify l32, and we need to actually give it what output we want it to have, so I am just going to say hello world dot o for object file, and then we need to give it the argument or that input file for it to work with, and that will simply be our hello world dot asm file, so we can run that, if you don't have NASM, again I am going to go ahead and run the patch, you might be able to use apt or whatever you have for your package manager, so that's pseudo packman tack s, and you don't need why, I mentioned that earlier, why I think we'll like update and thanks, I am learning, packman tack s, NASM, that should work just fine for us, just trying to fill my terminal up with the instructions so you guys can see that just fine, now that we have that hello world dot o file, let's go ahead and I am going to use ld, and I think it's tack m I 386 32, let me just double check on that, get my notes off on the side, normally I don't use notes when I record, so everything is awful, but this one might be a little bit better, I guess we'll see, okay cool, it's elf my bad, I 386, elf underscore I386, and you will actually want to specify your output file, I'll just call that hello world, and we need to specify the object file we want to work with, so that's the command again, making in 32 bit elf file, an executable file with our new executable based off of our object file, let's go ahead and run that no errors, no outputs, so now we have a hello world executable that we have here, I'm just going to dot slash that, and now we have simple, plain and easy hello world, little exclamation point, little new line character in there with that 0xA, and that is that, so thank you guys so much for watching, I hope you enjoyed this, I hope you learned a little bit, I hope you learned it was something new, and I hope, whoa, open up the binary file rather than the source code, I hope this was kind of a cool new showcase for assembly, maybe a little bit in my flavor, a little bit of my tone, a little bit of my personality, if you haven't seen this sort of stuff before it's a huge thing, going to be big on reverse engineering and binary exploitation and writing exploitation, and ugh, I'm all about this, I'm trying to get better at this, this is new for me and I want to be a hard charger for OSCE, so thank you guys for watching, I'll see you in the next video I love you, take care