Author Topic: Still learning assembler...Can someone help?  (Read 8472 times)

Offline brunoffreire

Still learning assembler...Can someone help?
« on: August 01, 2012, 10:26:56 PM »
Hello masters!

I am trying to translate the code below (win) to an equivalent (in linux), since I don't have _chkstk in linux, but I am not sure if I got it right... Are those equivalent? Am I close? Am I totally lost here? Help!
Thanks!

THIS IS THE CODE FOR WIN(MASM):

public _func1
_func1 proc near

var_61= dword   ptr -61h
arg_0= dword ptr  4

mov   eax, 614h
call   __chkstk
mov   ecx, [esp+61h+arg_0]
lea   eax, [esp+61h+var_61]
push   eax
push   ecx
call   _func2
add   esp, 69h
retn
_func1 endp

_text ends



THIS FOR LINUX (NASM)
_func1:

%define var_61 -61h
%define arg_0  4

mov     ecx, eax
push    ecx
push    61h
call    malloc
pop     eax
pop     ecx
lea   eax, [esp+61h+var_61]
push   eax
push   ecx
call   _func2
pop     ecx
pop     eax
retn


Offline Gunner

Re: Still learning assembler...Can someone help?
« Reply #1 on: August 02, 2012, 12:31:44 AM »
What in the world are you trying to reverse?  You think seasoned vets can't spot a disassembly?

What does the function do?  Now write it in an Assembly dialect that you know.  If you know 1 dialect of Assembly, converting from one to another is not hard.

Oh and reversing someone else's code is not "Learning Assembly"

Offline Frank Kotler

  • NASM Developer
Re: Still learning assembler...Can someone help?
« Reply #2 on: August 02, 2012, 01:05:17 AM »
I'd have to guess that you're totally lost. Neither the disassembly nor your proposed Linux code make a lot of sense, and they are not equivalent.

We're not going to discuss "reversing" here! This isn't because we're a bunch of wussies, but because this stuff is illegal in some jurisdictions, and we don't want to expose the Forum to legal liabilities. So don't.

However, if you describe what you want to do, we may be able to help you do it in Linux. (or maybe we won't have the expertise) I don't think we care whether MickeySoft has done it or not. What do YOU want to do? (you'll learn more assembly and have more fun doing it this way, too... besides not being banned from the Forum)

Best,
Frank


Offline brunoffreire

Re: Still learning assembler...Can someone help?
« Reply #3 on: August 02, 2012, 01:53:41 AM »
Quote
I'd have to guess that you're totally lost. Neither the disassembly nor your proposed Linux code make a lot of sense, and they are not equivalent.

We're not going to discuss "reversing" here! This isn't because we're a bunch of wussies, but because this stuff is illegal in some jurisdictions, and we don't want to expose the Forum to legal liabilities. So don't.

However, if you describe what you want to do, we may be able to help you do it in Linux. (or maybe we won't have the expertise) I don't think we care whether MickeySoft has done it or not. What do YOU want to do? (you'll learn more assembly and have more fun doing it this way, too... besides not being banned from the Forum)

Best,
Frank

Even though you guys don't like me, I do like you.
Thanks for the reply.

Here is what I want to do.
I have an .obj file that I have used for a long time now in some of my windows programs. It is about 4 or 5 years old now. I had the source for it but I lost it a while ago.

Around 3 years ago, I started to migrate from win to linux (ubuntu distro), and I admit it: I really am happier now.
I develop for linux now (most times, whenever it is up to me) and this obj file has some functions that I use a lot.

I thought it would be easy to disassemble the .obj file and recompile it into a .so file instead of rewriting everything again. Just as simple as that. However, it turns out it is not that easy.

Do you see? I don't want to "reverse". I just want my lib so I can use it in linux....

Well... I don't see how that could be illegal, but... What do I know, right?

I think it is time to open a new project and rewrite everything again.
The code is not big. I can do it.

Thanks again for the tips.

Best regards,

Bruno

Offline Gunner

Re: Still learning assembler...Can someone help?
« Reply #4 on: August 02, 2012, 01:58:15 AM »
Quote
I think it is time to open a new project and rewrite everything again.

This is the only way to really do it.  You will get better at Assembly, and the code might come out better.  The code you posted is not from an Assembler, but seems to come from a compiler.

What does the code do?  Maybe we could help if we knew.

Offline brunoffreire

Re: Still learning assembler...Can someone help?
« Reply #5 on: August 02, 2012, 02:02:35 AM »
Quote
What in the world are you trying to reverse?  You think seasoned vets can't spot a disassembly?

What does the function do?  Now write it in an Assembly dialect that you know.  If you know 1 dialect of Assembly, converting from one to another is not hard.

Oh and reversing someone else's code is not "Learning Assembly"

Check out my reply to Frank first...

Answering your question: I don't know what the assembly or disassembly function does.

Actually, I don't even want to know.... I just want my functions available in a .so file. :)

What I do know is that func1 gives me the size of my compressed string when it is decompressed. Func2 decompresses it to check the size, and that is passed back as the output of func1.

PS: the code I posted came from IDA
« Last Edit: August 02, 2012, 02:09:38 AM by brunoffreire »

Offline Frank Kotler

  • NASM Developer
Re: Still learning assembler...Can someone help?
« Reply #6 on: August 02, 2012, 04:47:38 AM »
I don't even know you. How would I know if I like you or not? :)

So we need a function to decompress a string. Do we know what compression algorithm is used? This would probably be quite difficult to write in asm, but there may be library code available that we can call for the "dirty work". If not... well, we can try it...

There's a fundamental difference between Windows .dll's and Linux .so's. As I understand it, .dll's have a "preferred" load address, but if that address is not available it can be relocated. A .so has to be position independent code - can't be relocated, it has to run wherever Linux loads it. There are workarounds that make this possible, but it probably means that your Windows code wouldn't work even if you could get it to assemble.

(One "clue" I've picked up is that both "--shared" and "-fPIC" have to be specified. I'd have thought that "--shared" implied "-fPIC", but some versions of ld apparently require both.)

I think I'd start by decompressing the string and finding its length as a "freestanding" program first. Then make it into a static library. Then, if it makes sense, make it into a .so. Unless your function(s) are being used by several processes at once, you might be better off leaving it linked static.

Anyway, if you need help with it, tell us more about these functions you need. We can try!

Best,
Frank
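An added example, not code from any poster in this thread: a position-independent 32-bit NASM wrapper of the kind the last reply describes, reserving its local buffer with a plain `sub esp` where the Windows listing calls `__chkstk`. It assumes `func2` is a cdecl routine taking (input pointer, output buffer), as the push order in the posted listing suggests; the 614h size is taken from the posted `mov eax, 614h`, and the file names in the build comments are hypothetical.

```nasm
; Assumed build steps (file names are placeholders):
;   nasm -f elf32 func1.asm -o func1.o
;   gcc -m32 -shared -o libfunc.so func1.o func2.o
; -fPIC only affects compiled C; in hand-written asm the PIC
; sequences below have to be written out explicitly.
bits 32

BUF_SIZE equ 614h       ; size from the posted "mov eax, 614h"
PAD      equ 8          ; keeps esp 16-byte aligned at the call

extern _GLOBAL_OFFSET_TABLE_
extern func2            ; assumed: int func2(const char *in, char *out)
global func1:function

section .text
func1:
        push    ebp
        mov     ebp, esp
        push    ebx                     ; callee-saved, will hold the GOT address
        ; __chkstk exists on Windows to touch each stack guard page in turn.
        ; Linux has no equivalent call: subtracting from esp is enough for
        ; a buffer smaller than one page.
        sub     esp, BUF_SIZE + PAD

        ; i386 PLT stubs in a shared object expect the GOT address in ebx.
        call    .get_got
.get_got:
        pop     ebx
        add     ebx, _GLOBAL_OFFSET_TABLE_ + $$ - .get_got wrt ..gotpc

        mov     eax, esp                ; eax -> start of the local buffer
        push    eax                     ; 2nd argument: output buffer
        push    dword [ebp + 8]         ; 1st argument: caller's input pointer
        call    func2 wrt ..plt         ; PIC call; result comes back in eax
        ; func2 must never write more than BUF_SIZE bytes, or it will
        ; overwrite the saved ebx, ebp and return address above the buffer.

        lea     esp, [ebp - 4]          ; drop arguments and buffer
        pop     ebx
        pop     ebp
        ret

; Without this note the linker may mark the process stack executable.
section .note.GNU-stack noalloc noexec nowrite progbits
```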