Intro to Assembly Language  Medium

Summary

Binary exploitation is a core part of penetration testing, but learning it can be pretty challenging. This is mainly due to the complexity of binary files and their underlying machine code and the way binary files interact with the processor and computer memory.

Learning the basics of Computer Architecture and the Assembly Language is fundamental for understanding binary exploitation. Both can significantly enhance our understanding of how binaries work and interact with system resources.

The Intro to Assembly Language module builds the core foundation for all future Binary Exploitation modules by teaching the basics of:

1. Computer and Processor Architecture
2. Debugging and Disassembling
3. x86_64 Assembly Language
4. Shellcoding

Having a solid understanding of these topics will make learning basic binary exploitation very straightforward and facilitate learning advanced binary exploitation.

In addition to teaching the above topics, this module will also cover:

• How High-Level code is compiled into Low-Level machine code
• Different types and segments of computer memory
• CPU clock and instruction cycles
• CISC vs. RISC architectures
• Different types of registers and memory addresses
• CPU address endianess
• Intro to nasm and Assembly File Structure
• Intro to Assembling and Disassembling files
• Basics of Binary Debugging with GDB
• Basic Data and Arithmetic Assembly instructions
• Intro to Assembly loops and branching
• Assembly flags and conditional branching
• Intro to Linux syscalls
• Assembly procedures and functions
• Using C and libc functions with Assembly
• Intro to pwntools for Assembly and Shellcoding
• Writing scripts with modern tools to extract, run, and debug shellcodes
• Modern shellcoding techniques compliant with memory protections
• Using tools for shellcode generation and encoding

We will also be working on a project throughout the module to apply everything we learn.

By the end of the module, we will have created a complete program that takes user input, performs advanced calculations, and outputs the results to the user, using nothing but Assembly language (, i.e., 1's and 0's).

To know more about this module, you may also watch this talk from module author at the HackTheBox Uni CTF 2022 titled First Steps Into Binary Exploitation, as it introduces the first few sections of this module and also shows how this module is benefecial for getting started in Binary Exploitation:

This module is broken down into sections with accompanying hands-on exercises to practice each of the tactics and techniques we cover.
The module ends with a practical hands-on skills assessment to gauge your understanding of the various topic areas.

As you work through the module, you will see example commands and command output for the various topics introduced. It is worth reproducing as many of these examples as possible to reinforce further the concepts presented in each section. You can do this in the PwnBox provided in the interactive sections or your virtual machine.

You can start and stop the module at any time and pick up where you left off. There is no time limit or "grading," but you must complete all of the exercises and the skills assessment to receive the maximum number of cubes and have this module marked as complete in any paths you have chosen.

The module is classified as "Medium" and assumes a working knowledge of the Linux command line and an understanding of information security fundamentals.

A firm grasp of the following modules can be considered prerequisites for successful completion of this module:

• Learning Process
• Linux Fundamentals

Sections

• Assembly Language
• Computer Architecture
• CPU Architecture
• Instruction Set Architectures
• Registers, Addresses, and Data Types
• Assembly File Structure
• Assembling & Disassembling
• GNU Debugger (GDB)
• Debugging with GDB
• Module Project
• Data Movement
• Arithmetic Instructions
• Loops
• Unconditional Branching
• Conditional Branching
• Using the Stack
• Syscalls
• Procedures
• Functions
• Libc Functions
• Shellcodes
• Shellcoding Techniques
• Shellcoding Tools
• Skills Assessment

Relevant Paths

This module progresses you towards the following Paths

Intro to Binary Exploitation

Hard 62 Sections

Cubes Required: 570

Binary exploitation is a core tenet of penetration testing, but learning it can be daunting. This is mainly due to the complexity of binary files and their underlying machine code and how binary files interact with computer memory and the processor. To learn the basics of binary exploitation, we must first have a firm grasp of Computer Architecture and the Assembly Language. To move into more advanced binary exploitation, we must have a firm grasp on basic buffer overflow attacks, principles such as CPU architecture, and CPU registers for 32-bit Windows and Linux systems. Furthermore, a strong foundation in Python scripting is essential for writing and understanding exploit scripts.

4 Modules

  Introduction to Python 3

Easy 14 Sections

Automating tedious or otherwise impossible tasks is highly valued during both penetration testing engagements and everyday life. Introduction to Python 3 aims to introduce the student to the world of scripting with Python 3 and covers the essential building blocks needed for a beginner to understand programming. Some advanced topics are also covered for the more experienced student. In a guided fashion and starting soft, the final goal of this module is to equip the reader with enough know-how to be able to implement simple yet useful pieces of software.

  Intro to Assembly Language

Medium 24 Sections

This module builds the core foundation for Binary Exploitation by teaching Computer Architecture and Assembly language basics.

  Stack-Based Buffer Overflows on Linux x86

Medium 13 Sections

Buffer overflows are common vulnerabilities in software applications that can be exploited to achieve remote code execution (RCE) or perform a Denial-of-Service (DoS) attack. These vulnerabilities are caused by insecure coding, resulting in an attacker being able to overrun a program's buffer and overwrite adjacent memory locations, changing the program's execution path and resulting in unintended actions.

  Stack-Based Buffer Overflows on Windows x86

Medium 11 Sections

This module is your first step into Windows Binary Exploitation, and it will teach you how to exploit local and remote buffer overflow vulnerabilities on Windows machines.