Translate to assembly [Archive] - RCE Messageboard's Regroupment

View Full Version : Translate to assembly

hello

November 23rd, 2008, 05:47

i would like to translate a few lines of code in C to assembly.
i suppose I need an assembler to do it.
Prefer an assembler that does not contain a linker attached to it.
Please suggest a free assembler and it’s URL if possible
thank you.

anom

November 23rd, 2008, 08:11

MASM, NASM, FASM, ... - use the one you'd like to. In case of FASM there's no linker needed which might be most suitable for your needs.

Many C compiler also support inline-assembly. Using Visual Studio, you could do it that way (syntactically):

Code:

__asm

{

   pop ecx

   mov eax, dword ptr [ecx]

   // whatever you'd like to execute

}

hello

November 23rd, 2008, 08:42

anom...thanks.
i got masm and nasm downloaded,
but their installation right now seems a little beyond my miniature brain.
They give away these great softwares free but do not make the beginning by a beginner that easy. ( not complaining !!)
Any way, i will make an attempt with Fasm.
Thank you.

evaluator

November 23rd, 2008, 14:04

there is also RosAsm with help-full steps

PS. don't you failed to "search before post" !?!?

hello

November 23rd, 2008, 22:28

After compiling a few lines using Fasm, i think iam beginning to recognize what could be really iam looking for. Now the situation as iam able to see is like this:

Source C => assembly-1 => executable
Reversing:
Executable => assembly-2.

What my question is!!!
How I do get the assembly-1 directly from C without reversing the assembly-2 or ever going to that final linking stage at all in the first place ?

thanks.

_wh_

November 24th, 2008, 03:56

Quote:

How I do get the assembly-1 directly from C without reversing the assembly-2

use the compiler switch to get an asm output ..i guess it is -Fa for VC ...

GEEK

November 24th, 2008, 04:19

Quote:

[Originally Posted by hello;77845]anom...thanks.
i got masm and nasm downloaded,
but their installation right now seems a little beyond my miniature brain.
They give away these great softwares free but do not make the beginning by a beginner that easy. ( not complaining !!)
Any way, i will make an attempt with Fasm.
Thank you.

there are forums for masm and nasm covering virtually every topic

hello

November 24th, 2008, 06:46

Thank you..._wh_

Quote:

use the compiler switch to get an asm output ..i guess it is -Fa for VC

My slight familiarity with a compiler is limited to DevC++ .
iam using DevC++IDE.
Here, in this setting, iam not sure .no..i don’t know if or how i can use the compiler switch as you had suggested.

Regards..

blabberer

November 24th, 2008, 14:03

well chuck out the gui component get to commandline find the underlying compiler that is actually doing the job

devblahwhatever.exe and make it spit its arguments one of the argument it takes should relate to assembly

like here

Code:





F:\>WINDDK\3790.1830\bin\x86\cl.exe /? | findstr "assem"

Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 13.10.4035 for 80x86

Copyright (C) Microsoft Corporation 1984-2002. All rights reserved.



    noAssembly - do not produce an assembly

/Fa[file] name assembly listing file     /Fo<file> name object file

/FA[sc] configure assembly listing       /Fp<file> name precompiled header file

/AI<dir> add to assembly search path     /Fx merge injected code to file

/FU<file> forced using assembly/module   /FI<file> name forced include file



F:\>bcc32 | findstr "ass"

  -Ax     Disable extensions        -B      Compile via assembly

  -RT   * Generate RTTI             -S      Produce assembly output

  -Txxx   Set assembler option      -Uxxx   Undefine macro



F:\>

get borland free commandline tools (its about a decade old now with w2k psdk headers included in a sleek 9mb package and worksquiet ok )

hello

November 25th, 2008, 02:16

blabberer
…a clairvoyant!

Quote:

well chuck out the gui component get to command line find the underlying compiler
that is actually doing the job

What you have expressed is what closely i was longing to do.
iam familiar with bcc32 and; so the compiler part is taken care of.
Other part of actually doing it, i hope i could accomplish.
Regards…

hello

November 25th, 2008, 11:01

i have been struggling for days not knowing how to convert C to asm (so simple now); visiting all familiar sites; downloading all compilers available, then struggling to install it and finally losing track of what i wanted to do in the first place. Then, finally decided to visit this great place and lo and behold! blabberer with one rap showed me the right way.
Thank you...
So what is given below is a bit of show off. (excuse for the impudence)

#include<stdio.h>
void main()
{
printf("GOOD LUCK "

;
getchar();
}
-------------------------
The output in assembly …… trimmed

?live1@0:
;
; void main()
;
push ebp
mov ebp,esp
;
; {
; printf("GOOD LUCK "

;
;
@1:
push offset s@
call _printf
pop ecx
;
; getchar();
;
mov eax,offset __streams
dec dword ptr [eax+8]
js short @2

-------------------------------
Reversed from the executable

00401150 /. 55 PUSH EBP
00401151 |. 8BEC MOV EBP, ESP
00401153 |. 68 28A14000 PUSH abc.0040A128 ; /Arg1 = 0040A128 ASCII "GOOD LUCK”
00401158 |. E8 6F2B0000 CALL abc.00403CCC ; \abc.00403CCC
0040115D |. 59 POP ECX
0040115E |. B8 90A64000 MOV EAX, abc.0040A690
00401163 |. FF48 08 DEC DWORD PTR DS:[EAX+8]
00401166 |. 78 09 JS SHORT abc.00401171
00401168 |. BA 90A64000 MOV EDX, abc.0040A690

So, the compiler has done HIS work to translate the source to asm. But, compiler doesn’t allot an address to the instruction (example: push ebp) , because in reversed code i find the same instruction (00401150 Push Ebp) comes from an address 401150.
Who makes this allotment?
Next, how do I convert this .asm to .exe?
Regards...

_wh_

November 26th, 2008, 03:03

?????

Quote:

compiler doesn’t allot an address to the instruction (example: push ebp)

sure!
after the linking process you can get the final address of the opcode.

step 2)
write a tool which converts your c->asm source, into a syntax which can be used by your favourite assembler e.g. nasm/yasm/masm
-then compile the converted-asm source-> obj
-obj->linker->exe

hello

November 26th, 2008, 05:41

Wh .. thanks, for your response!
i am using Borland command line compiler bcc32 .

Quote:

“write a tool which converts your c->asm source, into a syntax which can be used by your favourite assembler e.g. nasm/yasm/masm “ .-then compile the converted-asm source-> obj

i went over this sentence many times , but find that it’s way above my head. So, i request, if you could spare the time, explain the idea in a little simpler term.

Regards..

WaxfordSqueers

December 7th, 2008, 04:50

Quote:

[Originally Posted by hello;77893]So, the compiler has done HIS work to translate the source to asm. But, compiler doesn’t allot an address to the instruction (example: push ebp) , because in reversed code i find the same instruction (00401150 Push Ebp) comes from an address 401150.
Who makes this allotment? Next, how do I convert this .asm to .exe?

The compiler doesn't allot addresses because it doesn't know where the executable will be loaded in memory. The operating system assigns the loading address, normally at 0x0400000, where the MZ header will be found. If that space is not available, it has options to load the app elsewhere. The compiler allots relative addresses. If you load an executable file in a hex editor, it only lists the relative offsets from 0x0400000, but sometimes even those are a few hundred bytes out.

Converting a decompiled asm back to exe is an inexact science. IDA (Interactive Disassembler) is called interactive because it requires human intervention to clean up the decompiled asm file so it can be recompiled. That's not always possible, but it might be possible if you have a small asm file like yours.

You need to study the PE header format theory for an executable and some operating system theory.

blabberer

December 7th, 2008, 14:42

Quote:

[Originally Posted by hello;77893]
So, the compiler has done HIS work to translate the source to asm. But, compiler doesn’t allot an address to the instruction (example: push ebp) , because in reversed code i find the same instruction (00401150 Push Ebp) comes from an address 401150.
Who makes this allotment?
Next, how do I convert this .asm to .exe?
Regards...

compiler just outputs an object file it doesnt know anything about addresses
the linker links the object file which contains referances to imports and puts your code in an appropriate place

the linker also includes lots of code for runtime support
the address 401150 is decided by the linker when it links your .obj file along with other libs as required

Quote:

Next, how do I convert this .asm to .exe?

use bcc32 again on the asm

a sample

Code:





asstinker:\>dir /b

assoutp.c





asstinker:\>type assoutp.c

#include<stdio.h>

void main()

{

printf("GOOD LUCK ";

getchar();

}







asstinker:\>bcc32 -S assoutp.c

Borland C++ 5.5.1 for Win32 Copyright (c) 1993, 2000 Borland

assoutp.c:



asstinker:\>dir /b

assoutp.asm

assoutp.c



asstinker:\>type assoutp.asm

        .386p

        ifdef ??version

        if    ??version GT 500H

        .mmx

        endif

        endif

        model flat

        ifndef  ??version

        ?debug  macro

        endm

        endif

        ?debug  S "assoutp.c"

        ?debug  T "assoutp.c"

_TEXT   segment dword public use32 'CODE'

_TEXT   ends

_DATA   segment dword public use32 'DATA'

_DATA   ends

_BSS    segment dword public use32 'BSS'

_BSS    ends

DGROUP  group   _BSS,_DATA

_TEXT   segment dword public use32 'CODE'

_main   proc    near

?live1@0:

   ;

   ;    void main()

   ;

        push      ebp

        mov       ebp,esp

   ;

   ;    {

   ;    printf("GOOD LUCK ";

   ;

@1:

        push      offset s@

        call      _printf

        pop       ecx

   ;

   ;    getchar();

   ;

        mov       eax,offset __streams

        dec       dword ptr [eax+8]

        js        short @2

        mov       edx,offset __streams

        inc       dword ptr [edx]

@5:

        pop       ebp

        ret

@2:

        push      offset __streams

        call      __fgetc

        pop       ecx

   ;

   ;    }

   ;

@3:

@4:

        pop       ebp

        ret

_main   endp

_TEXT   ends

_DATA   segment dword public use32 'DATA'

s@      label   byte

        ;       s@+0:

        db      "GOOD LUCK ",0

        align   4

_DATA   ends

_TEXT   segment dword public use32 'CODE'

_TEXT   ends

 extrn   __streams:byte

        public  _main

 extrn   _printf:near

 extrn   __fgetc:near

        ?debug  D "F:\borland\bcc55\include\_nfile.h" 10459 10272

        ?debug  D "F:\borland\bcc55\include\_null.h" 10459 10272

        ?debug  D "F:\borland\bcc55\include\_defs.h" 10459 10272

        ?debug  D "F:\borland\bcc55\include\_stddef.h" 10459 10272

        ?debug  D "F:\borland\bcc55\include\stdio.h" 10459 10272

        ?debug  D "assoutp.c" 14713 48322

        end







asstinker:\>bcc32 assoutp.asm

Borland C++ 5.5.1 for Win32 Copyright (c) 1993, 2000 Borland

assoutp.asm:

Turbo Assembler  Version 5.0  Copyright (c) 1988, 1996 Borland International



Assembling file:   assoutp.ASM

Error messages:    None

Warning messages:  None

Passes:            1



Turbo Incremental Link 5.00 Copyright (c) 1997, 2000 Borland



asstinker:\>dir /b

assoutp.asm

assoutp.c

assoutp.exe

assoutp.obj

assoutp.tds



asstinker:\>assoutp.exe

GOOD LUCK



asstinker:\>

hello

December 9th, 2008, 07:24

Excellent ... illustration by blabberer.
This contribution had very much helped me to get going... Meanwhile the asm file generated by bcc32 using -S switch, looks like as seen below which you had already revealed earlier:

Code:

Style: 1

.386p

	ifdef ??version

	if    ??version GT 500H

	-------------------------------edited

   ;	int main()

   ;	

	push      ebp

	mov       ebp,esp

   ;	

   ;	{

   ;	printf("Good Luck";

   ;	

	-------------------------------edited

i tried to code the same in assembly and using GoAsm and GoLink, i could make an executable that displays the same string.

Code:

Style: 2

DATA

Hello DD 0

;

CODE

START:

PUSH -11

CALL GetStdHandle

;

PUSH 0

PUSH ADDR Hello

PUSH 9

PUSH 'Good Luck'

PUSH EAX

;

XOR EAX,EAX

RET

Now... i suppose both codes are in assembly language. Both can be linked to get an exe.
Why the former one (style:1) looks so complex and latter comparatively simple?
is there any method to generate the apparently simple looking version (style:2) from the source in C ?

Regards…