Foundations of Linux Debugging, Disassembling, and Reversing: Analyze Binary Code, Understand Stack Memory Usage, and Reconstruct C/C++ Code with Inte

Current price: $54.99
Publication Date: January 31st, 2023
Publisher: Apress
ISBN: 9781484291528
Pages: 173

Description

Chapter One - x64.1: Memory, Registers, and Simple Arithmetic
Memory and Registers inside an Idealized Computer
Memory and Registers inside Intel 64-bit PC
"Arithmetic" Project: Memory Layout and Registers
"Arithmetic" Project: A Computer Program
"Arithmetic" Project: Assigning Numbers to Memory Locations
Assigning Numbers to Registers
"Arithmetic" Project: Adding Numbers to Memory Cells
Incrementing/Decrementing Numbers in Memory and Registers
Multiplying Numbers

Chapter Two - x64.2: Code Optimization
"Arithmetic" Project: C/C++ Program
Downloading GDB
GDB Disassembly Output - No Optimization
GDB Disassembly Output - Optimization

Chapter Three - x64.3: Number Representations
Numbers and Their Representations
Decimal Representation (Base Ten)
Ternary Representation (Base Three)
Binary Representation (Base Two)
Hexadecimal Representation (Base Sixteen)
Why are Hexadecimals Used?

Chapter Four - x64.4: Pointers
A Definition
"Pointers" Project: Memory Layout and Registers
"Pointers" Project: Calculations
Using Pointers to Assign Numbers to Memory Cells
Adding Numbers Using Pointers
Incrementing Numbers Using Pointers
Multiplying Numbers Using Pointers

Chapter Five - x64.5: Bytes, Words, Double, and Quad Words
Using Hexadecimal Numbers
Byte Granularity
Bit Granularity
Memory Layout

Chapter Six - x64.6: Pointers to Memory
Pointers Revisited
Addressing Types
Registers Revisited
NULL Pointers
Invalid Pointers
Variables as Pointers
Pointer Initialization
Initialized and Uninitialized Data
More Pseudo Notation
"MemoryPointers" Project: Memory Layout

Chapter Seven - x64.7: Logical Instructions and RIP
Instruction Format
Logical Shift Instructions
Logical Operations
Zeroing Memory or Registers
Instruction Pointer
Code Section

Chapter Eight - x64.8: Reconstructing a Program with Pointers
Example of Disassembly Output: No Optimization
Reconstructing C/C++ Code: Part 1
Reconstructing C/C++ Code: Part 2
Reconstructing C/C++ Code: Part 3
Reconstructing C/C++ Code: C/C++ program
Example of Disassembly Output: Optimized Program

Chapter Nine - x64.9: Memory and Stacks
Stack: A Definition
Stack Implementation in Memory
Things to Remember
PUSH Instruction
POP instruction
Register Review
Application Memory Simplified
Stack Overflow
Jumps
Calls
Call Stack
Exploring Stack in GDB

Chapter Ten - x64.10: Frame Pointer and Local Variables
Stack Usage
Register Review
Addressing Array Elements
Stack Structure (No Function Parameters)
Function Prolog
Raw Stack (No Local Variables and Function Parameters)
Function Epilog
"Local Variables" Project
Disassembly of Optimized Executable

Chapter Eleven - x64.11: Function Parameters
"FunctionParameters" Project ...

About the Author

Dmitry Vostokov is an internationally recognized expert, speaker, educator, scientist, inventor, and author. He is the founder of the pattern-oriented software diagnostics, forensics, and prognostics discipline (Systematic Software Diagnostics), and Software Diagnostics Institute (DA+TA: DumpAnalysis.org + TraceAnalysis.org). Vostokov has also authored books on software diagnostics, anomaly detection and analysis, software and memory forensics, root cause analysis and problem solving, memory dump analysis, debugging, software trace and log analysis, reverse engineering, and malware analysis. He has over 25 years of experience in software architecture, design, development, and maintenance in various industries, including leadership, technical, and people management roles. In his spare time, he presents various topics on Debugging.TV and explores Software Narratology, its further development as Narratology of Things and Diagnostics of Things (DoT), Software Pathology, and Quantum Software Diagnostics. His current interest areas are theoretical software diagnostics and its mathematical and computer science foundations, application of formal logic, artificial intelligence, machine learning, and data mining to diagnostics and anomaly detection, software diagnostics engineering and diagnostics-driven development, diagnostics workflow, and interaction. Recent interest areas also include cloud native computing, security, automation, functional programming, and applications of category theory to software development and big data. He is based out of Dublin, Ireland.