Reverse Engineering master0Fnone Class | Episode 1.1: x86 Assembly Demystified
Рет қаралды 16,920
Күн бұрынTrying to break into RE, but feeling overwhelmed? Looking for a better foundational understanding of what you're already practicing? Somewhere in between? This "master0Fnone Class" is for you - no matter where you assess yourself to be, you can learn RE, and it doesn't have to be a slog.
The jeFF0Falltrades master0Fnone Class series is a collection of free online courses made to make learning topics - like reverse engineering - more accessible (and fun) to everyone.
In this first episode, split into multiple parts, we will:
- Walk through the Language Processing System that converts high-level code to assembly code to the machine code read by your processor, and all of the stages in-between (Part 1)
- Introduce several common features of x86/x64 assembly language and conventions (Part 1)
- Walk through a practice program demonstrating several common C programming structures and statements (Part 2)
- Reverse that practice program in Ghidra to practice identifying these structures and instructions (Part 3)
- Challenge you to take what you've learned and get yourself onto the "Wall of Fame" by finding the hidden flag in the included "CrackMe" program! (Whenever You Want!)
CrackMe Challenge Instructions:
- Download the binary from the Project Homepage below, under the "crackme" folder for this episode
- Use whatever tools you wish to try to reverse the hidden flag in the binary
- Submit the flag and the name you wish to appear on the Wall of Fame to this form: forms.gle/XWWqYyeNUkFH8tHMA
- Brag to your friends by showing them your name on the Wall of Fame in the Project Homepage "crackme" folder, and find out how good your relationship with those friends is!
Please leave feedback and questions here as comments, or DM me on Mastodon (social links listed on the channel).
Check the pinned comment for any updates to the content.
Let me know what you would like to see in future videos!
Project Homepage:
github.com/jeFF0Falltrades/Tu...
Resources and References:
- Programming Language Processing System Example: www.tutorialspoint.com/compil...
- x86 Architecture: en.wikibooks.org/wiki/X86_Ass...
- x86 CPU wiki.osdev.org/CPU_Registers_...
- x86 Instruction Listing: en.wikipedia.org/wiki/X86_ins...
- x86 Calling Conventions: en.wikipedia.org/wiki/X86_cal...
- x64 Calling Conventions (MS): learn.microsoft.com/en-us/cpp...
- Functions & Stack Frames in Assembly: en.wikibooks.org/wiki/X86_Dis...
- Stack Functionality in Assembly: www.varonis.com/blog/stack-me...
- Pointers in C/C++: www.geeksforgeeks.org/c-point...
- x86 Assembler/Disassembler Online: defuse.ca/online-x86-assemble...
- Segment Registers & Segmentation: wiki.osdev.org/Segmentation
- Ghidra: github.com/NationalSecurityAg...
- x64dbg: x64dbg.com/
- MSYS2 (for utilizing gcc quickly): www.msys2.org/
Episode 1, Part 1
00:00:00 - Intro
00:03:30 - Important Notes
00:03:39 - Cheat Sheet/Episode Topics Overview
00:08:16 - The Language Processing System
00:21:43 - Loading and Running an Executable File
00:28:37 - Common x86 Registers and Their Usage
00:39:37 - Common x86 Assembly Instructions
00:56:18 - Stack Layout & Operations
01:07:03 - Observing Stack Operations in a Debugger
01:14:54 - Common x86 Calling Conventions
01:18:41 - Part 1 Wrap-Up
@jeFF0Falltrades Жыл бұрын
Hello, and thanks for joining me for this master0Fnone class! As usual, I will post edits/updates/corrections to this video here in the pinned comment. Parts 2 and 3 of this episode will be posted within the next week - Stay tuned! Enjoy, and let me know what you think.
@Gaspa79 Ай бұрын
Honestly I'm so sorry that there's been only 3 episodes of this masterpiece, but I'm so grateful for those 3 anyway. Thanks for the content
@jeFF0Falltrades Ай бұрын
Another one coming up next month! Slightly different topic but very excited to get the next one going 😁 So, so happy to hear you enjoyed!
@christianlijs1346 7 күн бұрын
@@jeFF0Falltrades I have only nearly finished the first episode but I am stoked that there are more coming. Thank you so much for these videos!
@jeFF0Falltrades 7 күн бұрын
@@christianlijs1346 So happy to hear this!!! I’m working on a second master0Fnone course now and comments like this motivate me so much. Thanks for watching and I hope you enjoy the rest!
@christianlijs1346 7 күн бұрын
@@jeFF0Falltrades I had a feeling it would motivate you or at the very least make you happy, but just know that's exactly how I feel when I come across a video like this! Thank you, and I might just let you know how the other videos go for me.
@jeFF0Falltrades 7 күн бұрын
@@christianlijs1346 Thank you so much!
@karlkarlsson9699 Жыл бұрын
59:10 "Stacks of money saved from prescription costs" LMAO! Love the analogy 😂
@jeFF0Falltrades Жыл бұрын
I find laughing about it helps me briefly stop crying about it 😂😭
@yishithvilas4876 11 күн бұрын
That is called power of knowledge
@jeFF0Falltrades 11 күн бұрын
❤️
@gianbattistavivolo7449 Жыл бұрын
Thanks for those high quality videos...
@jeFF0Falltrades Жыл бұрын
Gianbattista! Thank you so much for your kind words and your generosity. I appreciate your support and hope you continue to enjoy my future content!
@DaliLlama484 2 ай бұрын
Just earned yourself a sub! This was a great video! I’m a computer engineering student really interested in malware analysis and reverse engineering and this series is so helpful!!
@jeFF0Falltrades 2 ай бұрын
Awesome! Thank you so much for the kind words and glad you enjoyed! I’ve got two more malware analysis videos that I’m working on now - just enjoying some parental leave before recording them - hope you enjoy and thank you so much for being here; and best of luck in your CE journey!
@matts7327 Жыл бұрын
Glad I came across your channel. You make this all seem a lot more approachable than other tutorials.
@jeFF0Falltrades Жыл бұрын
Thanks so much - I truly hope so…I started doing this for that very reason, and I hope you get something good out of them!
@Jarvx Ай бұрын
Hey man, I just wanted to say your channel is an absolute gem regarding RE and it's to be quite honest one of the best resources out here on youtube and I'm really wondering how your channel is not bigger. Keep up great work!
@jeFF0Falltrades Ай бұрын
You are too kind, this comment made my day! I’m just happy to have as many that are in this community today :-) Getting prepped to record another video this month! Hope you enjoy that one as well. Thanks so much for watching.
@yolamontalvan9502 3 ай бұрын
This is an amazing video full of important information. Thank you.
@jeFF0Falltrades 3 ай бұрын
Thank you so much! I am so glad you enjoyed and I appreciate the kind words!
@Smoth48 Жыл бұрын
I have never seen that take place in a Golden Corral. Then again, I do not often eat out because I spend all of my money on prescriptions. Love the content very much so far. Extremely informative, and exactly what I was looking for! Looking forward to the next parts and eventually solving the crackme
@jeFF0Falltrades Жыл бұрын
How do you do, fellow American? Lol, thanks so much for watching and so glad you’ve enjoyed so far - hope that keeps up!
@speedfastman 6 ай бұрын
Invaluable goldmine of information.
@jeFF0Falltrades 6 ай бұрын
Thank you so much! I am hoping to record a new vid this upcoming week so I hope you continue to enjoy this series/content!
@getzmikalsen Жыл бұрын
Really cozy tutorial, perfect weekend activity! Glad that I stumbled onto your mastodon which led me here. 🙂
@jeFF0Falltrades Жыл бұрын
So glad you did too! Thanks so much for watching and hope you continue to enjoy!
@smertinable Жыл бұрын
Wow, this video is amazing! Assembly code previously looked like an alien language, this video helped me out so much! Your efforts at explaining everything in a clear and concise manner are truly appreciated. Thank you so much for creating this valuable resource! I can't wait to view the other parts in this series, keep up the great work Jeff!
@jeFF0Falltrades Жыл бұрын
Martin, thank you so much for the generosity and kind words! It makes me so happy to hear you’re getting something out of these videos and I hope you continue to enjoy this series and all of the upcoming videos to this channel!
@NLitvin Жыл бұрын
Thank you for making these, jeFF! Your previous videos helped me learn how to patch a couple of old games by myself, and although I'm now somewhat comfortable with reverse-engineering, this first episode still filled in a couple of gaps in my fundamentals that I didn't even know I had. I appreciate your Bob Ross-esque style and all the little jokes you sprinkle in. Who knew that 1h20m of CPU registers and stack operations could be so relaxing?
@jeFF0Falltrades Жыл бұрын
Thank YOU for watching them and also I respect the heck out of people who take this and successfully use it to go do stuff like game patching/modding/etc - awesome job! So happy you enjoy, and I hope you enjoy the rest of this episode!
@JWAM Жыл бұрын
Had to pause this tonight and tell my daughter to pause her BOTW-session just to come over to read the Linked/Zeldad-lists. :)
@jeFF0Falltrades Жыл бұрын
😆 Hope she’s as excited as I am for TotK coming in a couple months
@JWAM Жыл бұрын
@@jeFF0Falltrades In between playing BOTW, reading her Zelda-manga books, writing her own Zelda book and making a Zelda-play for school, and planning what Zelda-related things I need to 3d-print, there may be a spot left to think what is coming in May. :)
@tylerb6981 Жыл бұрын
I feel really good about catching this in the first few hours. I was one of those super-fans that watched your other videos in one sitting :P
@jeFF0Falltrades Жыл бұрын
Tyler: 1. You are my hero 2. Please do not do this 3. If you do this, at least remember to hydrate and blink every 20-40 mins Real talk: So glad you’ve enjoyed, and I hope you enjoy the follow-parts coming shortly!
@tylerb6981 Жыл бұрын
@@jeFF0Falltrades Your RCT video is a friggin masterpiece. I look forward to all the vids you publish in the future.
@dark_red_blood 6 ай бұрын
Wow, this tutorial is amazing, and all the time you've put into it thanks a million man. I found you by your tycoon video and had to put it off to learn first, but it looks cool af aswell. Thank you again, excited to carry on watching your amazing videos
@jeFF0Falltrades 6 ай бұрын
Thank you so much for the kind words, and I hope you continue to enjoy videos like these! Best of luck in your learning journey.
@n0handles Жыл бұрын
This couldnt of been timed better! This kind of work fell in my lap, and have no real experience with this ....... Im here for the ride, thanks so much for your efforts!
@jeFF0Falltrades Жыл бұрын
So glad to hear it! Part 3 (which is the heaviest in terms of assembly reversing) should be up in a few days’ time, and I hope these + that final piece will be able to get you on your way!
@nanduanil8587 11 ай бұрын
simple and effective......❣
@llJoDall 5 ай бұрын
Very helpful, thank you!
@jeFF0Falltrades 5 ай бұрын
Thank you for watching and so glad to hear it!
@R00kTruth Ай бұрын
the easiest way for Anyone, and I mean absolutely Anyone, to learn assembly and reverse engineering at the same time, is to write some simple c code snippets, then to debug them.
@razorr1920 Жыл бұрын
If there is one video series / channel which I wished I could have gone through before the third world War when internet was gone, it was this channel. SUBSCRIBED INSTANTLY. No video have I come across yet on KZbin which goes in such depth with a suttle narration that things fall in place like Lego blocks from heaven.
@jeFF0Falltrades Жыл бұрын
Thank you so much and so glad you’ve enjoyed!
@KhoiNguyen-fj6jp 9 ай бұрын
Underrated content !!!
@jeFF0Falltrades 9 ай бұрын
Aw, thank you so much! So glad you found your way here!
@patrickborys3490 Жыл бұрын
Love your videos Bro :)! Thanks for sharing !!
@jeFF0Falltrades Жыл бұрын
They love you too! Thanks so much for watching and hope you enjoy this and the upcoming parts.
@0xsha466 Жыл бұрын
most anticipated video ever ♥️
@jeFF0Falltrades Жыл бұрын
Hope it lives up to the hype 👀 Thanks for watching!
@aa898246 Жыл бұрын
i really appreciate this series man thanks
@jeFF0Falltrades Жыл бұрын
I really appreciate you! Thanks for watching, and so glad you enjoyed.
@washere3432 Жыл бұрын
Thank you so much!!!!
@jeFF0Falltrades Жыл бұрын
Thanks for watching! Glad you were here 😁
@shashikantthakur6676 Жыл бұрын
Thanks man! I can't think this topic was so simple and fun to learn🥰
@jeFF0Falltrades Жыл бұрын
So glad to hear you say that - It's the exact reason I started this channel: To summarize a lot of the knowledge that I had to dig around for from multiple resources (and make it fun along the way). If you can keep your sense of humor, you can get through most tough things. Thanks so much for watching!
@heyyounotyouyou3761 Жыл бұрын
Awesome, thanks
@jeFF0Falltrades Жыл бұрын
Thanks for watching 🍻
@NOLlFE1 8 ай бұрын
Your channel got recommended to me, im so glad I clicked.
@jeFF0Falltrades 8 ай бұрын
Same here! Hope you enjoyed and continue to!
@moulayediag3873 Жыл бұрын
Tanks a lot man ...great tuto
@jeFF0Falltrades Жыл бұрын
Thanks for watching!
@CrusaderMen Жыл бұрын
Thank you for the great content!
@jeFF0Falltrades Жыл бұрын
Thank you for watching!
@rtzgf67games7 Жыл бұрын
I love this
@jeFF0Falltrades Жыл бұрын
It loves you too! Thanks for watching and so glad you enjoyed!
@rtzgf67games7 Жыл бұрын
@@jeFF0Falltrades You're really good at explaining! I'm not completely new to reverse engineering and still found this incredebly useful!
@jeFF0Falltrades Жыл бұрын
@@rtzgf67games7 thank you for that feedback - I hear a lot from beginners but not as often from folks who have been in the game for a minute, so I’m glad to hear it was useful to you too.
@benjcalderon Жыл бұрын
I'm just 1:47 in, but I'M DOWN!! 🙌🙌
@jeFF0Falltrades Жыл бұрын
LET’S GOOOOO Hope you enjoy, man! If you can make it through my low-budget, campy intros, you can do anything!
@ibotah 10 ай бұрын
Thank you so much for this!!! I've been looking for a comprehensive way to get into REing, you sir are amazing!
@jeFF0Falltrades 10 ай бұрын
First of all - Fantastic profile picture. Second: Thanks so much for watching and for the kind words! Comments like this make me so happy. Hope to have more soon!
@ibotah 10 ай бұрын
@@jeFF0Falltrades Hah, thank you! Such a great movie imo. Awesome, I look forward t to them!
@Mackan1993 Жыл бұрын
Ill try to get the timme to do the challenge! Thank you for the effort you put in to this video!
@jeFF0Falltrades Жыл бұрын
Take your time and hope you enjoy the rest of the episode! Thanks so much for the kind words!
@Hacker_Baby 10 ай бұрын
Absolutely brilliant video!!!! Thank you so much!!
@jeFF0Falltrades 10 ай бұрын
Thank you for the kind words and for watching! So glad you enjoyed! In the midst of research for a new one soon 😁
@Hacker_Baby 10 ай бұрын
@@jeFF0Falltrades I can’t wait to watch it!!! You have made this topic SO much more accessible! 🍻 cheers to you, for giving us all a leg up!!
@jeFF0Falltrades 10 ай бұрын
@@Hacker_Baby So glad to hear it - that’s the reason I started this channel 😁
@alexandrohdez3982 Жыл бұрын
Great video 👏👏👏
@jeFF0Falltrades Жыл бұрын
Thank you for watching, Alexandro!
@ArielVolovik Жыл бұрын
58:23 good god hahahaha For some reason I started trying to crack the challenge after this video, didn't realize that we are to finish all 3 videos first before tackling the challenge.
@jeFF0Falltrades Жыл бұрын
No need to finish all 3 before trying, but if it’s new to you, then yes - I’d recommend at least watching the third part where we talk about disassembly. Thanks for watching!
@ArielVolovik Жыл бұрын
@@jeFF0Falltrades I was really struggling to figure out the logic of the program because of all of the jumps, and wasn't too sure what the flag can even look like. Should have a better idea of what to do once I watch the next parts of the series! Looking forward to it :D Massive thanks for producing and posting the videos online!
@jeFF0Falltrades Жыл бұрын
@@ArielVolovik You’ll get it - Keep persevering and I hope you enjoy the rest!
@jaybofa617 Жыл бұрын
Thanks, Jefe. I’ll make you proud
@jeFF0Falltrades Жыл бұрын
You already have
@patrickslomian7423 Жыл бұрын
❤
@jeFF0Falltrades Жыл бұрын
🙏
@tahargermanni6205 10 ай бұрын
@@jeFF0Falltrades Hi, could you please help me to bypass registry in app that the manufacturer is not existing any more
@tahargermanni6205 10 ай бұрын
@@jeFF0Falltrades Hi, could you please help me to bypass the registry of the app that the manufacturer of this software is not existing anymore
@luijia 11 ай бұрын
Awesome, great video. What do those hex values in x32dbg between the EIP and instruction columns represent? I assume it is the raw hex values for the instructions ("translated" from the binary?)
@jeFF0Falltrades 11 ай бұрын
Thank you so much, and thanks for watching! It’s always hard to try to decipher this over text, but I think I know which column you’re talking about haha - From left-to-right in x64dbg, you see the EIP marker, then a hex value representing the address currently pointed to, then the raw hex of the instruction, and then the rendered assembly instruction. I think you are talking about the 3rd column, in which case - you are 100% correct, it is the hex representation of the opcodes for that instruction. Let me know if you were talking about another column though.
@luijia 11 ай бұрын
@@jeFF0Falltrades Thanks, in hindsight a screenshot would have probably been more clear, but that was what I was referring to. Wasn't sure how to google that one 😅.
@jeFF0Falltrades 11 ай бұрын
@@luijia Nah it’s all good. Just a limitation of the commenting system here that I have noticed with a few different comments. Thanks again for your kind words and for watching!
@taguetrash Жыл бұрын
For some reason, the stack + base pointer and how it's used in calling conventions never clicked for me until this video, and I've written small bits of assembly plenty of times before. The stack and base pointer manipulation just never clicked with me for some reason! Edit: An interesting thing I noticed about CRACKME is that the compiler made _main use ESP for all stack references, because it doesn't change at all (and because ESP is forced to be aligned to a 16-byte boundary, whereas EBP isn't.)
@jeFF0Falltrades Жыл бұрын
I’ma be real with you - it wasn’t until I started making vids for this channel that many things with the stack clicked for me 😂 So glad this helped, if even a little bit!
@delphicdescant Жыл бұрын
It must be really frustrating for your first video to do so well only to have all the following videos struggle to get anywhere close. I wanted to say that I feel for you. I think the stuff you teach in these is great.
@jeFF0Falltrades Жыл бұрын
Eh, not really haha - I started this channel knowing it was going to be for pure fun (I used to have another channel where I did the YT grind for a while and it wore me down) and I’m honestly just happy to see people learning from this stuff and having fun with it - whether it’s 10 or 10,000 peeps. I knew the RCT video was going to be special after its first 24 hours and I’m just glad that it’s brought people more understanding through our shared nostalgia in RCT hahaha. Thanks so much for the kind words and for watching!
@padraiglogue3568 Жыл бұрын
Why do 32 bit memory addresses need to be signed? 27:29 I've never heard of a negative memory address
@jeFF0Falltrades Жыл бұрын
Great question! The addresses themselves aren’t necessarily positive/negative - this limit is more decided by whatever implementation you are using: Some 32-bit implementations still restrict memory allocations above the most significant bit like this due to how the value may be interpreted differently in certain contexts using a signed value. I mostly mentioned it here as a reminder of why you may see that limitation in place when allocating memory.
@civisj Жыл бұрын
How did you make your Visual Studio Code to look like that?
@jeFF0Falltrades Жыл бұрын
It’s a theme called “Synthwave ‘84” by Robb Owen - highly recommend it: You can download it from the VS Code marketplace for free
@wilk85 10 ай бұрын
Is that dracula theme you are using for vscode?
@jeFF0Falltrades 10 ай бұрын
It’s Robb Owen’s “Synthwave ‘84” and I have yet to find a theme I like more 😁
@wilk85 10 ай бұрын
@@jeFF0Falltrades thank you :)
@davorradic8349 4 ай бұрын
can you share your cheatsheet? overview of all theory
@jeFF0Falltrades 4 ай бұрын
It is on the GitHub page for download in the link within the description of this video :-)
jeFF0Falltrades
Рет қаралды 4 М.
jeFF0Falltrades
Рет қаралды 5 М.
QAZSPORT TV / ҚАЗСПОРТ TV
Рет қаралды 185 М.
QAZSPORT TV / ҚАЗСПОРТ TV
Рет қаралды 185 М.