LinuxQuestions.org
Old 10-07-2024, 11:53 AM   #1
Garrett85
Member
 
Registered: Jan 2011
Posts: 335

Rep: Reputation: 6
Learning Assembly for Reverse Engineering


I'm currently a PHP developer, but as a hobby I am interested in reverse engineering software, games in particular. When and where possible I would like to be able to bring some older game titles from their original OS requirements to run natively on Linux (I realize that many/most times this will be too large an endeavor) or help to run via Wine when the first option is impossible or impractical. And in general, just be able to change something that I wish were different in the game.

After doing a little research I have learned that knowledge of assembly will be about impossible to get around. Any ideas on how/where to start? I found these two courses but I'm concerned that I won't be able to follow along, I know at least one of them requires the student to be using Windows, and I wouldn't be surprised if that wasn't the case for both of them.

https://www.udemy.com/course/assembl...e=24T5MT100724

&

https://www.udemy.com/course/x64-ass...e=24T5MT100724
 
Old 10-07-2024, 12:52 PM   #2
wpeckham
LQ Guru
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro
Posts: 5,958

Rep: Reputation: 2830
When I started assembly language the 8080 was the "latest and greatest" processor.
I might suggest taking a class, but meanwhile

https://dev.to/amritoo/a-beginners-g...g-emu8086-2k75
https://www.baeldung.com/linux/assembly-compile-run
and
https://github.com/mschwartz/assembly-tutorial

Come up early. It might help to have a reference to the object codes and registers as well.
Once you are comfortable with that, you may need to relearn for the X86_64 family if you will be examining 64-bit software.

Also, be careful what software you target. Many games are protected by licensing and IP law, and reverse engineering is legally restricted behavior and could land you in court. If you reverse one of those for your own purposes, NEVER LET ANYONE KNOW! Not even your dog and CERTAINLY not ME!!!
 
2 members found this post helpful.
Old 10-07-2024, 12:58 PM   #3
Garrett85
Member
 
Registered: Jan 2011
Posts: 335

Original Poster
Rep: Reputation: 6
Quote:
Originally Posted by wpeckham
Also, be careful what software you target. Many games are protected by licensing and IP law, and reverse engineering is legally restricted behavior and could land you in court. If you reverse one of those for your own purposes, NEVER LET ANYONE KNOW! Not even your dog and CERTAINLY not ME!!!
Thanks!

If I did reverse engineer a game, if it were to be something legally protected then it would only be for my own consumption, and I would already own the game too, would just be getting it to work on Linux rather than Windows 7 and prior versions, or maybe SNES. If it's not legally protected, well then I would of course want to share my solution.
 
Old 10-07-2024, 03:09 PM   #4
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 17,022

Rep: Reputation: 2459
The hardware datasheet of any CPU should give you a table of Assembler mnemonics <--> machine code.

It's practical to work on small, old things. I'm someone who learned 8080/Z80/8085 Assembler back in the day, and never learned much else. I hacked some DOS project together back in the 1990s also. I wrote microcontroller software in Assembler also. Assembler is fine for statically linked code, and microcontrollers. Some Assembler routines can be called with all the data or pointers already in position.

These days, however, there's nothing simple. Everything is indirectly addressed by pointers because of hackers. Code is position independent. Dynamically linked code will call functions in libraries. Now you may be up for the challenges involved, but I certainly would not be. Notice the lack of any compiled language --> Source code translator programs. You could look at Menuet OS, which is a Linux OS in Assembler, and dip your toe in the water with that.

Last edited by business_kid; 10-07-2024 at 03:16 PM.
 
1 members found this post helpful.
Old 10-07-2024, 07:25 PM   #5
dugan
LQ Guru
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 11,347

Rep: Reputation: 5382
Quote:
And in general, just be able to change something that I wish were different in the game.
Depending on the change, this might be possible to do with a hex editor.
 
1 members found this post helpful.
Old 10-08-2024, 05:03 AM   #6
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware, Slarm64 & Android
Posts: 17,022

Rep: Reputation: 2459
The thing that turned me off Assembler was the headaches. You achieve nothing until you have the machine in your head, I found. You can of course ignore things you don't talk to, but everything you do talk to has to be in your head, or on paper. Then you can motor along. I had designed a microcontroller circuit, but it took me weeks to get into the 'machine' mode. I was doing other stuff as well as needed. Then I got the program written in short order. I couldn't make progress referring to paper.

Reverse engineering is actually easier until you come to addresses or libraries. With all this indirect addressing going on, finding out what you are calling promises to be a nightmare. And all executables are position independent... I don't envy you.
 
1 members found this post helpful.
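The properties raised in the post above (position-independent executables, calls that go through shared libraries) can be read from a Linux binary's ELF header before any disassembly. This is an added example, not code posted by anyone in the thread; `triage_elf64` and `build_sample` are hypothetical names, and the sample bytes are constructed and contain no real program.

```python
import struct

PT_DYNAMIC, PT_INTERP = 2, 3
ET_EXEC, ET_DYN = 2, 3

def triage_elf64(data: bytes) -> dict:
    """Read the ELF64 little-endian header and program headers of a binary."""
    if len(data) < 64 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if data[4] != 2 or data[5] != 1:
        raise ValueError("only 64-bit little-endian ELF is handled here")
    # Fields after the 16-byte e_ident: e_type, e_machine, e_version, e_entry,
    # e_phoff, e_shoff, e_flags, e_ehsize, e_phentsize, e_phnum
    (e_type, _, _, e_entry, e_phoff, _, _, _,
     e_phentsize, e_phnum) = struct.unpack_from("<HHIQQQIHHH", data, 16)
    if e_phnum and (e_phentsize != 56 or e_phoff + e_phnum * 56 > len(data)):
        raise ValueError("program header table is malformed or truncated")
    interp, dynamic = None, False
    for i in range(e_phnum):
        p_type, _, p_offset, _, _, p_filesz, _, _ = struct.unpack_from(
            "<IIQQQQQQ", data, e_phoff + i * 56)
        if p_type == PT_INTERP:
            # Path of the runtime loader that will resolve library calls
            raw = data[p_offset:p_offset + p_filesz].rstrip(b"\0")
            interp = raw.decode("ascii", "replace")
        elif p_type == PT_DYNAMIC:
            dynamic = True
    return {
        "entry": e_entry,
        "fixed_address": e_type == ET_EXEC,
        # ET_DYN is also used by shared libraries; with PT_INTERP it is a PIE program
        "pie": e_type == ET_DYN and interp is not None,
        "dynamic": dynamic,
        "interp": interp,
    }

def build_sample(e_type: int, interp: bytes = b"") -> bytes:
    """Constructed input: ELF64 header plus program headers, no code or data."""
    phdrs = [(1, 0, 0)]  # one PT_LOAD entry
    if interp:
        phdrs += [(PT_INTERP, 64 + 56 * 3, len(interp)), (PT_DYNAMIC, 0, 0)]
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    hdr = struct.pack("<HHIQQQIHHHHHH", e_type, 62, 1, 0x1040, 64, 0, 0,
                      64, 56, len(phdrs), 0, 0, 0)
    body = b"".join(struct.pack("<IIQQQQQQ", t, 4, off, 0, 0, size, size, 1)
                    for t, off, size in phdrs)
    return ident + hdr + body + interp

if __name__ == "__main__":
    print(triage_elf64(build_sample(ET_DYN, b"/lib64/ld-linux-x86-64.so.2\0")))
    print(triage_elf64(build_sample(ET_EXEC)))
```

For a PIE binary the reported entry point is an offset from the load base rather than an absolute address, and a non-empty `interp` means call targets in libraries are bound by the loader at run time.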
Old 10-08-2024, 06:07 AM   #7
pan64
LQ Addict
 
Registered: Mar 2012
Location: Hungary
Distribution: debian/ubuntu/suse ...
Posts: 23,009

Rep: Reputation: 7627
Probably you can start here: https://www.sim8085.com/
https://play.google.com/store/apps/d...or&hl=en&pli=1
I started with something like this: http://www.kitektechnologies.com/images/prod/mp1.pdf

When you are ready to continue, you can move to Pentium and more advanced CPUs in the family.
Or you can try a different CPU/architecture too, if you wish (like Commodore 64 and 6502).

Reverse engineering a game written for the C64 would be relatively easy, but for a modern CPU/computer it's much more complicated.
 
2 members found this post helpful.
Old 10-08-2024, 03:25 PM   #8
wpeckham
LQ Guru
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro
Posts: 5,958

Rep: Reputation: 2830
Quote:
Originally Posted by pan64
Probably you can start here: https://www.sim8085.com/
https://play.google.com/store/apps/d...or&hl=en&pli=1
I started with something like this: http://www.kitektechnologies.com/images/prod/mp1.pdf

When you are ready to continue, you can move to Pentium and more advanced CPUs in the family.
Or you can try a different CPU/architecture too, if you wish (like Commodore 64 and 6502).

Reverse engineering a game written for the C64 would be relatively easy, but for a modern CPU/computer it's much more complicated.
The more simple the processor the easier to build an assembler for it, and the easier to reverse. The more complicated the processor the more difficult your project. (Working on CP/M for 8080/Z80 processors was FUN. Still not trivial in any absolute sense.) The 6510 was a great processor, more efficient than the Intel lines of processors in many ways.

Better if you can get the original sources, and translate to a modern language and compiler.
 
1 members found this post helpful.
Old 10-08-2024, 06:03 PM   #9
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,933
Blog Entries: 4

Rep: Reputation: 4018
So far as I am aware, "nobody uses assembler anymore." And, modern CPUs are specifically designed to accept "compiler output." The manufacturers of the chips usually provide their own compilers, and instruct other projects (particularly gcc) on what instruction-sequences to use.

The most easily-accessible place where you see "assembler" is in the /arch subdirectories of the Linux source code. But, kindly observe that it is minimal. It is exactly what is necessary to implement "very low-level functions" on a particular CPU.

Frankly, I doubt that you will actually need to "dabble in assembler" in order to carry out your intended project.
 
1 members found this post helpful.
Old 10-08-2024, 06:27 PM   #10
wpeckham
LQ Guru
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro
Posts: 5,958

Rep: Reputation: 2830
Quote:
Originally Posted by sundialsvcs
So far as I am aware, "nobody uses assembler anymore." And, modern CPUs are specifically designed to accept "compiler output." The manufacturers of the chips usually provide their own compilers, and instruct other projects (particularly gcc) on what instruction-sequences to use....
Cute. Wrong, but cute.
KolibriOS is one of several operating systems entirely coded in assembler. Several device drivers for multiple types of hardware are primarily assembler. Much of the embedded software for certain kinds of industrial and minimal devices is entirely assembler. Just because YOU do not use assembler does not mean "nobody does".

Virtually everyone who has to reverse engineer software without access to the original source, and that does happen in government and business software at times, will need to examine the code directly and work back from the machine code to assembler equivalent and deduce or reconstruct as much as possible of the original.

Starting from 1988 Steve Gibson (see grc.com) built hard drive utilities for DOS and Windows in assembler! (See SPINRITE) The latest can be used to speed up older SSD storage. He used to have pages about how he did it and what tools he used with download links (he worked in MSASM early on). I do not know if those are still available. The last time I linked up with him was around 2010 I think. He also had a bunch of interesting projects to share (in asm of course). You might want to check out his sites.

Last edited by wpeckham; 10-08-2024 at 06:33 PM.
 
Old 10-09-2024, 07:25 PM   #11
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,933
Blog Entries: 4

Rep: Reputation: 4018
Well, I worked for several years with a mainframe operating system (IBM's VM/SP and VM/HPO and VM/XA), which was for a time "coded entirely in assembler." Gradually, though, IBM began to use their own internal compiler. And, initially, they refused to release that compiler nor the source-code to any of the modules compiled with it. (I believe that this has since changed.)

But, I daresay that systems like "KolibriOS" are edge cases. While you can certainly continue to write in "assembler," a good compiler will write better code than you can – and the rest can be handled with asm { ... } blocks. Witness what was done with the original Unix®. They wrote a brand-new language, "C," in order to write their brand-new operating system mostly in it. Even one of the seminal microcomputer operating systems, CP/M, was written in a high-level language of the author's own devising.
 
1 members found this post helpful.
Old 10-09-2024, 10:35 PM   #12
wpeckham
LQ Guru
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro
Posts: 5,958

Rep: Reputation: 2830
ALL of the most interesting things are "edge cases". And no, a good coder can code better solutions in assembler than a compiler can create. Most projects do not justify that degree of control, but enough do so there is always work for "that guy"!

High speed shipping lines, for example, have to read a package code, do a database lookup, and decide to trigger a robot boot (or not) to direct the package in 256 ms and on minimal hardware. Guess what they code in. Hello USPS, UPS, FedEx, DHL, etc.
 
1 members found this post helpful.
Old 10-13-2024, 03:03 PM   #13
dugan
LQ Guru
 
Registered: Nov 2003
Location: Canada
Distribution: distro hopper
Posts: 11,347

Rep: Reputation: 5382
@Sundialsvcs: OP is not talking about writing assembly code. OP is talking about reading it (from disassembled binaries). And reverse engineering is a field where this is still done.

If you're trying to get a program to work with WINE, then you would be working with binaries for which you do not have the source.

Last edited by dugan; 10-13-2024 at 03:40 PM.
 
Old 10-13-2024, 04:06 PM   #14
EdGr
Senior Member
 
Registered: Dec 2010
Location: California, USA
Distribution: I run my own OS
Posts: 1,038

Rep: Reputation: 485
I disassembled one of my earliest Z-80 binaries, Monitor 3, mainly because I wrote the source code on paper and assembled it by hand.

Disassembled code is hard to understand because it lacks symbols and comments. This is not the way to learn assembly language. I added enough symbols to make the code somewhat readable. I succeeded only because the program was tiny.
Ed
 
Old 10-13-2024, 05:16 PM   #15
wpeckham
LQ Guru
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS, Manjaro
Posts: 5,958

Rep: Reputation: 2830
Quote:
Originally Posted by dugan
@Sundialsvcs: OP is not talking about writing assembly code. OP is talking about reading it (from disassembled binaries). And reverse engineering is a field where this is still done.

If you're trying to get a program to work with WINE, then you would be working with binaries for which you do not have the source.
If you can read and understand machine code without learning to assemble machine code, you might be the first one in history.
And if your application was compiled, you will also need to learn (or deduce) some of the structures created by the compiler used on that project. Reverse engineering is not something you learn in a weekend, it is a journey.
 
Tags
assembler, assembly, engineering, games, linux
