Assembly Is Too High-Level: Full Offsets

This is one of those times where I get kind of annoyed that what I tell my ‘high-level’ language gets ‘interpreted’ for me, because it knows better. I feel this post may be slightly less arbitrary than the rest, in the sense that the machine-level hack covers something that you should be able to use, […]


Assembly Is Too High-Level: Better Call SAL

When it comes down to it, this is logically true. But it seems like everything tries to sweep SAL under the rug, therefore: I WANT! I get it, it’s the same thing. And for the record, I verified that they operate exactly the same, down to the EFLAGS being set identically. Let’s […]


Assembly Is Too High-Level: OP REG,imm redundancies 3

About a week ago I came across one of Ange’s pages (https://code.google.com/p/corkami/wiki/x86oddities?wl=en). Before that point I only knew him as a major contributor to my favorite zine (PoC||GTFO) and author of some very useful technical info-graphics; his ELF diagram jump-started my ability to create my m2elf.pl script. Looking at his x86 oddities page, it looks […]
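The three excerpts above (Full Offsets, Better Call SAL, and the OP REG,imm redundancies) all turn on the same fact: for one operation, 32-bit x86 often has several legal encodings, and an assembler silently picks one, normally the shortest. The following is an added example, not code from these posts: a small Python encoder that emits every legal form of a few instructions (ADD r32, imm; MOV r32, [base+disp]; SHL/SAL r32, 1; and a direct JMP), so the redundancy is visible byte by byte. The opcode and ModRM rules are the documented Intel ones; the helper names and the decision to leave out SIB (ESP-based) addressing are this example’s own choices.

```python
"""Hand-encode a few 32-bit x86 instructions in every legal form.

Added example, not code from the blog posts. The opcode/ModRM rules are
the documented 32-bit ones; the helper names are this example's own.
"""
import struct

# Register numbers used in the reg and r/m fields of ModRM.
REG32 = {"eax": 0, "ecx": 1, "edx": 2, "ebx": 3,
         "esp": 4, "ebp": 5, "esi": 6, "edi": 7}


def modrm(mod: int, reg: int, rm: int) -> int:
    """Pack the ModRM byte: mod (2 bits) | reg (3 bits) | r/m (3 bits)."""
    return (mod << 6) | (reg << 3) | rm


def add_reg_imm(reg: str, imm: int) -> list:
    """Every encoding of ADD r32, imm (Intel: 83 /0 ib, 81 /0 id, 05 id).

    An assembler emits only the first applicable one; all of them execute
    identically and set EFLAGS identically.
    """
    r = REG32[reg]
    forms = []
    if -128 <= imm <= 127:                       # imm8, sign-extended to 32 bits
        forms.append(bytes([0x83, modrm(3, 0, r)]) + struct.pack("<b", imm))
    forms.append(bytes([0x81, modrm(3, 0, r)]) + struct.pack("<I", imm & 0xFFFFFFFF))
    if r == 0:                                   # EAX has a short form with no ModRM
        forms.append(bytes([0x05]) + struct.pack("<I", imm & 0xFFFFFFFF))
    return forms


def mov_load(reg: str, base: str, disp: int) -> list:
    """Every encoding of MOV r32, [base + disp] (Intel: 8B /r).

    mod=00 means no displacement, mod=01 a disp8, mod=10 a full disp32.
    An assembler drops a zero displacement; writing the disp32 form by
    hand is the 'full offsets' trick. ESP as a base needs a SIB byte and
    [EBP] with mod=00 means disp32-only, so those cases are excluded.
    """
    r, b = REG32[reg], REG32[base]
    if b == 4:
        raise ValueError("ESP base needs a SIB byte; not handled in this example")
    forms = []
    if disp == 0 and b != 5:
        forms.append(bytes([0x8B, modrm(0, r, b)]))
    if -128 <= disp <= 127:
        forms.append(bytes([0x8B, modrm(1, r, b)]) + struct.pack("<b", disp))
    forms.append(bytes([0x8B, modrm(2, r, b)]) + struct.pack("<I", disp & 0xFFFFFFFF))
    return forms


def shl1(reg: str) -> list:
    """Every encoding of SHL/SAL r32, 1 (Intel: D1 /4 and C1 /4 ib).

    SAL and SHL share the opcode and the /4 reg field, so 'SAL' never
    appears in the bytes; that is why a disassembler shows SHL for both.
    """
    r = REG32[reg]
    return [bytes([0xD1, modrm(3, 4, r)]),
            bytes([0xC1, modrm(3, 4, r), 0x01])]


def jmp_to(addr: int, target: int) -> list:
    """Every encoding of a direct JMP from addr to target (EB cb, E9 cd).

    The relative offset is measured from the end of the instruction, so it
    differs between the 2-byte and the 5-byte form.
    """
    forms = []
    rel8 = target - (addr + 2)
    if -128 <= rel8 <= 127:
        forms.append(bytes([0xEB]) + struct.pack("<b", rel8))
    rel32 = target - (addr + 5)
    forms.append(bytes([0xE9]) + struct.pack("<i", rel32))
    return forms


if __name__ == "__main__":
    for name, forms in [("add eax, 1", add_reg_imm("eax", 1)),
                        ("mov eax, [ebx]", mov_load("eax", "ebx", 0)),
                        ("shl ecx, 1", shl1("ecx")),
                        ("jmp 0x10 (from 0)", jmp_to(0, 0x10))]:
        print(f"{name}:")
        for f in forms:
            print("   ", f.hex(" "))
```

Feed any of the longer forms to a disassembler and it prints the same mnemonic as the short one; the difference is only visible in the bytes, which is the whole point of the series.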


How to Machine 1

I’ve been making a few posts on how I find situations where assembly language would be too high-level, almost to the point of evangelizing it. However, I realized that I have not yet gone into any kind of explanation on exactly what tricks I am using to directly code in machine code. There are actually […]


Bass + Computer 1

Summary: While I was at the NYC 2600 this month (September), I was talking with someone involved in chiptunes and it reminded me of one of my ‘secret’ projects that I somehow forgot to mention more publicly. This was a project that I put together all the way back in 2008/2009 (hardware/software respectively). Pretty much […]


Assembly Is Too High-Level: Consistent Instruction Sizes 1

YES! I want that. I want ALL my instructionz to be 15 bytes. Forget that this part of the manual is talking about AVX instructions, I don’t care about that; I just want 15-byte instructions, so when I look at machine code in a debugger, it doesn’t look all jagged and ugly. What do […]


8ball can now speedball

As I’m preparing to give a talk on automated regular expression denial of service methods and defenses at DefCon 23 this week, I beefed up part of 8ball (a tool demonstrated at DefCon 22 last year) to be able to incorporate RE:DoS. 8ball is a script that parses a txt file list of snort/suricata rules […]


Assembly Is Too High-Level: Shell with 178 ADDs and 1 JMP

While the discussion that will follow can all be done exclusively in assembly language, the fun stuff is happening with an understanding of the machine language component. Also, this general obfuscation trick is not completely a new one, it’s just my flavor of it. AddShell: I wrote a program that I called “AddShell”. It is […]


I GOTO

I wrote code with a GOTO in it. It has been multiple decades since the last time I did this, when I was stuck using ‘lined-BASIC’ in the early to mid-90s. And you know what, I don’t care. I could have done this code without a goto if I refactored it a little bit, […]


2K of RAM

Background: This is an old picture I found from around early 2001. In the 2nd semester of my degree we were given lots of components in our ‘lab kit.’ One of these components was a static 2k RAM chip. I later found out that we were never intended to actually use this chip for class…too […]