Forum Thread: Assembly and R.Engineering?

As a newcomer here I must admit: I'm not a professional regarding computers, but my interest in the IT field has been growing a lot since I started to visit this wonderful place (NullByte). Now, to the question:

What is the real importance of assembly today, especially in malware analysis and other related security fields?

"Practical Reverse Engineering - Dang, Gazet, Bachaalany" has excellent advice for those who want to take the path of R.Eng. but don't have a firm grasp.

Also, Mr. Occupytheweb wrote an amazing article here on Null Byte ("Essentials skills to Becoming a Master Hacker"). Even after some research, I still have to ask: Should I learn assembly? Or should I focus on other languages (Ruby, Python, C++, JavaScript, HTML, ...) in addition to other skills?

Thank you guys in advance,

RTM

7 Responses

Reverse:

Welcome to Null Byte!

As a hacker, the scripting languages (Perl, Ruby, Python, etc.) are essential. If you are looking to do malware analysis or build your own exploits, assembly is great to have, almost essential.

I hope that answers your question.

OTW

Yes, it's good to know that assembly is very important.
Thank you, Mr. OTW!

RTM

A little surprise about Assembly is coming soon... eh-eh

I agree with Ciuffy and Romeo above that you should learn scripting & even a programming language first. Particularly, knowing some C will make assembly much, much more accessible to you. However, when you do get down to it...

There is also a very clear set of series on assembly for Linux & Windows on securitytube.net. The recommended order to do these in is: the Linux assembly tutorials, then Windows assembly, then buffer overflow tutorials (on Linux), and then onto exploit research. Unfortunately, a lot of the videos have problems in sound or visual quality, but the content is worth your time. Find them all under the 'Megaprimers' menu on this site:

http://www.securitytube.net/

Agreed. That man really cares about details.

I always found scripting to be the easiest place to start. I have really enjoyed learning Python, and I would recommend that, as it makes transitioning to C very easy (Python was developed from C, making it very similar). I'm not a genius in Assembly (you'll have to ask Ciuffy about that ;) ), but I do know that Assembly is not a good place to start.

I find Ruby to be great for networking, and Python for just about anything. If you want to learn JS, you might as well learn HTML and PHP. I did like Perl when I first started, but it gets pretty complicated for something simple. Here are examples of what these languages look like for the same code:

C:
#include <stdio.h>

int main()
{
    printf("Hello, World!\n");

    return 0;
}

Ruby:
puts "Hello World!";

Python:
print("Hello World!")

C++:
#include <iostream>

using namespace std;

int main()
{
    cout << "Hello World" << endl;

    return 0;
}

HTML:
<!DOCTYPE html>
<html>
<title>Web Page Design</title>
<body>
<div>Hello, World!</div>
</body>
</html>

JS:
function sayHello()
{
    alert("Hello, World!");
}

sayHello();

Assembly:
section .text
    global _start       ;must be declared so the linker (ld) can find the entry point
_start:                 ;tell linker entry point
    mov edx, len        ;message length
    mov ecx, msg        ;message to write
    mov ebx, 1          ;file descriptor (stdout)
    mov eax, 4          ;system call number (sys_write)
    int 0x80            ;call kernel
    mov eax, 1          ;system call number (sys_exit)
    xor ebx, ebx        ;exit status 0
    int 0x80            ;call kernel

section .data

msg db 'Hello, world!',0xa ;our dear string
len equ $ - msg            ;length of our dear string

Perl:
print "Hello World!\n";

I hope that helped your decision!

-Cracker|Hacker
