Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration

ShmooCon X - 2014

Presented by: Xeno Kovah
Date: Friday January 17, 2014
Time: 15:30 - 16:20
Location: Georgetown East
Track: Trainer Exchange

Creator: Xeno Kovah

License: Creative Commons: Attribution, Share-Alike (http://creativecommons.org/licenses/by-sa/3.0/)

Class Prerequisites: Must have a basic understanding of the C programming language, as this class will show how C code corresponds to assembly code.

Lab Requirements: Requires a Windows system with Visual C++ Express Edition. Requires a Linux system with gcc and gdb, and the CMU binary bomb installed. Either system can be physical or virtual.

Class Textbook: “Professional Assembly Language” by Richard Blum. This was chosen as a reference book because it provides an alternate explanation for all the instructions covered in the class. However, it focuses on Linux and AT&T syntax rather than Windows and Intel syntax.

Recommended Class Duration: 2-3 days

Creator Available to Teach In-Person Classes: Yes

Author Comments:

Intel processors have been a major force in personal computing for more than 30 years. An understanding of low level computing mechanisms used in Intel chips as taught in this course serves as a foundation upon which to better understand other hardware, as well as many technical specialties such as reverse engineering, compiler design, operating system design, code optimization, and vulnerability exploitation.

25% of the time will be spent bootstrapping knowledge of fully OS-independent aspects of Intel architecture. 50% will be spent learning Windows tools and analysis of simple programs. The final 25% of time will be spent learning Linux tools for analysis.

This class serves as a foundation for the follow-on Intermediate-level x86 class. It teaches the basic concepts and describes the hardware that assembly code deals with. It also goes over many of the most common assembly instructions. Although x86 has hundreds of special-purpose instructions, students will be shown that it is possible to read most programs by knowing only around 20-30 instructions and their variations.

The instructor-led lab work will include:

Knowledge of this material is a prerequisite for future classes such as Intermediate x86, Rootkits, Exploits, and Introduction to Reverse Engineering.

Special Thanks to Reza Fatahi for helping create captions for Day 1 Parts 1-2 of the YouTube videos!

A student Q&A forum has been set up at http://www.reddit.com/r/OST_IntroX86.

To submit any suggestions, corrections, or explanations of things I didn’t know the reasons for, please email me at the address above.

Xeno Kovah

Xeno has a BS in CS from UMN, and an MS in security from CMU, which he attended through the National Science Foundation Scholarship for Service (aka CyberCorps) program. He has been attending security conferences since 1999 and working full time on security research since 2007. If he could have any super power it would be teleportation (the movie Jumper gives a good indication why).

