Lab 2: Reading Assembly

🎯 Lab Objectives

Reading and understanding Assembly code
Identifying common structures (if, loops, functions)
Converting from Assembly to C

📝 Exercise 1: Data Movement

Exercise 1.1

What will be the value of each register at the end?

mov eax, 10
mov ebx, 20
mov ecx, eax
add ecx, ebx

👁️ Show Answer

EAX = 10
EBX = 20
ECX = 30 (10 + 20)

Exercise 1.2

What will be the value of EAX at the end?

mov eax, 100
sub eax, 25
add eax, 10
dec eax

👁️ Show Answer

EAX = 84
100 - 25 = 75
75 + 10 = 85
85 - 1 = 84

Exercise 1.3

What is the difference between these two lines?

mov eax, [ebp-4]    ; Line A
lea eax, [ebp-4]    ; Line B

👁️ Show Answer

Line A (MOV): Copies the value at address EBP-4 to EAX
Line B (LEA): Copies the address itself (EBP-4) to EAX

If EBP=0x1000 and the value at address 0x0FFC is 42:
MOV: EAX = 42
LEA: EAX = 0x0FFC

📝 Exercise 2: Logical Operations

Exercise 2.1

What will EAX be at the end? (Hint: work in binary)

mov eax, 0xFF      ; 1111 1111
and eax, 0x0F      ; 0000 1111

👁️ Show Answer

EAX = 0x0F = 15
AND keeps only the bits that are 1 in both operands:
1111 1111 AND 0000 1111 = 0000 1111

Exercise 2.2

What does this do?

xor eax, eax

👁️ Show Answer

Zeros out EAX!
XOR of a number with itself always gives 0.
This is faster than mov eax, 0

Exercise 2.3

What will EAX be?

mov eax, 8        ; 0000 1000
shl eax, 2        ; shift left 2

👁️ Show Answer

EAX = 32
SHL 2 = multiply by 4 (2²)
8 × 4 = 32
In binary: 0000 1000 → 0010 0000

📝 Exercise 3: Identifying Conditions

Exercise 3.1

Translate the following code to C:

    cmp eax, 10
    jl  less_than
    mov ebx, 1
    jmp end
less_than:
    mov ebx, 0
end:

👁️ Show Answer

if (eax >= 10) {
    ebx = 1;
} else {
    ebx = 0;
}

Or shortly: ebx = (eax >= 10) ? 1 : 0;

Exercise 3.2

What does the following code check?

    test eax, eax
    jnz  not_zero
    ; code A
    jmp end
not_zero:
    ; code B
end:

👁️ Show Answer

if (eax == 0) {
    // code A
} else {
    // code B
}

TEST EAX, EAX sets ZF to 1 if EAX=0.
JNZ = Jump if Not Zero = jumps if EAX ≠ 0

📝 Exercise 4: Loops

Exercise 4.1

Translate to C and find the final value of EAX:

    mov eax, 0
    mov ecx, 5
loop_start:
    add eax, ecx
    dec ecx
    jnz loop_start

👁️ Show Answer

int sum = 0;
for (int i = 5; i > 0; i--) {
    sum += i;
}
// sum = 5 + 4 + 3 + 2 + 1 = 15

EAX = 15

Exercise 4.2

What does this loop do?

    mov ecx, 10
    mov esi, source
    mov edi, dest
copy_loop:
    mov al, [esi]
    mov [edi], al
    inc esi
    inc edi
    dec ecx
    jnz copy_loop

👁️ Show Answer

Copies 10 bytes from address source to address dest!
In C: memcpy(dest, source, 10);

Each iteration:
1. Reads a byte from source
2. Writes it to dest
3. Advances both pointers
4. Continues until ECX=0

📝 Exercise 5: Functions

Exercise 5.1

What does this function calculate?

func:
    push ebp
    mov ebp, esp
    
    mov eax, [ebp+8]     ; parameter 1
    mov ebx, [ebp+12]    ; parameter 2
    imul eax, ebx        ; EAX = EAX * EBX
    
    pop ebp
    ret

👁️ Show Answer

int func(int a, int b) {
    return a * b;
}

The function multiplies two numbers and returns the result.

Exercise 5.2 - Challenge!

What does this function do? (Hint: famous recursive function)

mystery:
    push ebp
    mov ebp, esp
    
    mov eax, [ebp+8]      ; n
    cmp eax, 1
    jle base_case
    
    ; recursive case
    dec eax
    push eax
    call mystery
    add esp, 4
    
    mov ebx, [ebp+8]
    imul eax, ebx
    jmp done
    
base_case:
    mov eax, 1
    
done:
    pop ebp
    ret

👁️ Show Answer

This is the Factorial function!

int factorial(int n) {
    if (n <= 1) {
        return 1;
    }
    return n * factorial(n - 1);
}

factorial(5) = 5 × 4 × 3 × 2 × 1 = 120

✅ Summary

After these exercises, you should feel more comfortable with:

Reading MOV, ADD, SUB, AND, XOR, SHL instructions
Identifying conditions (CMP + Jxx)
Identifying loops
Understanding function structures

← Lab 1: Getting to Know the Tools Lab 3: Crackme Challenge →