Add files via upload

0x00.asm

@@ -0,0 +1,40 @@
+;
+; $Id: 0x00.asm,v 1.1.1.1 2016/03/27 08:40:12 raptor Exp $
+;
+; 0x00 explanation - from xchg rax,rax by xorpd@xorpd.net
+; Copyright (c) 2016 Marco Ivaldi <raptor@0xdeadbeef.info>
+;
+; This is the snippet #0: it sets registers to 0 in different ways.
+;
+; Example:
+; uncomment the added lines
+; $ nasm -f elf64 0x00.asm
+; $ gcc 0x00.o -o 0x00
+; $ gdb 0x00
+; (gdb) b debug
+; (gdb) r
+; (gdb) i r
+; rax            0x0	0
+; rbx            0x0	0
+; rcx            0x0	0
+; rdx            0x0	0
+; rsi            0x0	0
+; rdi            0x0	0
+; rbp            0x0	0x0
+; [...]
+;
+
+	BITS 64
+	SECTION .text
+	global main
+
+main:
+	xor	eax,eax		; set rax to 0 by xor'ing it with itself
+	lea	rbx,[0]		; set rbx to 0 by loading the value 0 into it
+	;mov	ecx,10		; added to make the following loop faster
+	loop	$		; set rcx to 0 by decrementing it via loop
+	mov	rdx,0 		; set rdx to 0 using the mov instruction
+	and	esi,0		; set rsi to 0 by and'ing it with 0
+	sub	edi,edi		; set rdi to 0 by subtracting its current value
+	push	0
+	pop	rbp		; set rbp to 0 using push and pop instructions

0x01.asm

@@ -0,0 +1,45 @@
+;
+; $Id: 0x01.asm,v 1.1.1.1 2016/03/27 08:40:12 raptor Exp $
+;
+; 0x01 explanation - from xchg rax,rax by xorpd@xorpd.net
+; Copyright (c) 2016 Marco Ivaldi <raptor@0xdeadbeef.info>
+;
+; This snippet demonstrates an elegant way to generate the
+; Fibonacci Sequence: 0, 1, 1, 2, 3, 5, 8, 13, 21, 34, ...
+;
+; Example:
+; uncomment the added lines
+; $ nasm -f elf64 0x01.asm
+; $ gcc 0x01.o -o 0x01
+; $ gdb 0x01
+; (gdb) b main.loop
+; (gdb) r
+; (gdb) i r rax
+; rax            0x0	0
+; (gdb) c
+; (gdb) i r rax
+; rax            0x1	1
+; (gdb) c
+; (gdb) i r rax
+; rax            0x1	1
+; (gdb) c
+; (gdb) i r rax
+; rax            0x2	2
+; (gdb) c
+; (gdb) i r rax
+; rax            0x3	3
+; (gdb) c
+; (gdb) i r rax
+; rax            0x5	5
+;
+
+	BITS 64
+	SECTION .text
+	global main
+
+main:
+	;mov	rax,0		; initialize the rax register
+	;mov	rdx,1 		; initialize the rdx register
+.loop:
+	xadd	rax,rdx
+	loop	.loop

0x02.asm

@@ -0,0 +1,36 @@
+;
+; $Id: 0x02.asm,v 1.1.1.1 2016/03/27 08:40:12 raptor Exp $
+;
+; 0x02 explanation - from xchg rax,rax by xorpd@xorpd.net
+; Copyright (c) 2016 Marco Ivaldi <raptor@0xdeadbeef.info>
+;
+; This snippet sets rax to 1 for all its initial values but
+; 0, in which case it sets it to 0. To analyze it, I've used
+; the handy assembly REPL rappel by yrp604@yahoo.com:
+;
+; https://github.com/yrp604/rappel/
+;
+; Example:
+; $ ./rappel 
+; > mov rax,0
+; > neg rax
+; > sbb rax,rax
+; > neg rax
+; rax: 0x0000000000000000
+; [...]
+; > mov rax,1
+; > neg rax
+; > sbb rax,rax
+; > neg rax
+; rax: 0x0000000000000001
+;
+
+	BITS 64
+	SECTION .text
+	global main
+
+main:
+	;mov	rax,1		; initialize the rax register
+	neg	rax		; two's complement (0 - rax); cf = 1 if rax != 0
+	sbb	rax,rax		; rax - rax - cf (it can be either 0 or -1)
+	neg	rax		; two's complement (it can be either 0 or 1)

0x03.asm

@@ -0,0 +1,35 @@
+;
+; $Id: 0x03.asm,v 1.1.1.1 2016/03/27 08:40:12 raptor Exp $
+;
+; 0x03 explanation - from xchg rax,rax by xorpd@xorpd.net
+; Copyright (c) 2016 Marco Ivaldi <raptor@0xdeadbeef.info>
+;
+; This snippet sets rax to the lower value between rax and
+; rdx, using the cf flag to check for carry in a way similar 
+; to the previous snippet 0x02. 
+; 
+; In detail, it subtracts rax from rdx, sets a mask in rcx 
+; based on the result (0 if rax <= rdx; 0xffffffffffffffff 
+; if rdx < rax) and uses it to return rax if rax <= rdx or 
+; return rax + (rdx - rax) = rdx if rdx < rax. In a higher
+; level language:
+;
+; if (rdx < rax) rax = rdx
+;
+; This analysis was facilitated by the assembly REPL rappel 
+; by yrp604@yahoo.com:
+;
+; https://github.com/yrp604/rappel/
+;
+
+	BITS 64
+	SECTION .text
+	global main
+
+main:
+	;mov	rax,1		; initialize the rax register
+	;mov	rdx,2		; initialize the rdx register
+	sub	rdx,rax		; rdx = rdx - rax; cf = 1 if rdx < rax
+	sbb	rcx,rcx		; rcx = rcx - rcx - cf (either 0 or -1)
+	and	rcx,rdx		; rcx = (rdx - rax) if (cf); rcx = 0 if (!cf)
+	add	rax,rcx		; rax = rax + (rdx - rax) if (cf); rax if (!cf)

0x04.asm

@@ -0,0 +1,40 @@
+;
+; $Id: 0x04.asm,v 1.1.1.1 2016/03/27 08:40:12 raptor Exp $
+;
+; 0x04 explanation - from xchg rax,rax by xorpd@xorpd.net
+; Copyright (c) 2016 Marco Ivaldi <raptor@0xdeadbeef.info>
+;
+; This snippet flips the 6th least-significant bit (0x20 
+; is 0b0100000) of the value stored in rax. Since lowercase 
+; and uppercase letters in ascii are separated by a value 
+; of 0x20 (A-Z is 0x41-0x5a and a-z is 0x61-0x7a), this 
+; operation turns uppercase letters into lowercase and vice 
+; versa.
+;
+; This analysis was facilitated by the assembly REPL rappel 
+; by yrp604@yahoo.com:
+;
+; https://github.com/yrp604/rappel/
+;
+; Example:
+; $ ./rappel
+; > mov rax,'A'
+; rax: 0x0000000000000041
+; > xor al,0x20
+; rax: 0x0000000000000061
+; [...]
+; $ echo -e "\x41 \x61"
+; A a
+; $ gdb
+; (gdb) p/c 0b1000001
+; $1 = 65 'A'
+; (gdb) p/c 0b1100001
+; $2 = 97 'a'
+;
+
+	BITS 64
+	SECTION .text
+	global main
+
+main:
+	xor	al,0x20		; flips the 6th bit (0x20 is 0b0100000)

0x05.asm

@@ -0,0 +1,43 @@
+;
+; $Id: 0x05.asm,v 1.1.1.1 2016/03/27 08:40:12 raptor Exp $
+;
+; 0x05 explanation - from xchg rax,rax by xorpd@xorpd.net
+; Copyright (c) 2016 Marco Ivaldi <raptor@0xdeadbeef.info>
+;
+; "Fun with flags!" -- Dr. Sheldon Cooper
+;
+; "[This snippet] allows you to check if a number is between 
+; 5-9 using only one jump. I think it's the most vague one on 
+; this list. Sorry for that :)" -- xorpd
+;
+; The jump instructions that can be used are jbe and jna.
+;
+; While trying to understand this snippet, I had a nice brush
+; up on the RFLAGS register. In detail:
+;
+; cf: carry flag (for sub/cmp, it indicates a borrow)
+;     - set when rax = 5,6,7,8 (see sf)
+; zf: zero flag (set if sub/cmp produces zero value)
+;     - set when rax = 9
+; sf: sign flag (set if sub/cmp produced a negative result)
+;     - set when rax = 5,6,7,8 (see cf)
+; af: adjust flag (set if there is a borrow from the high 
+;     nibble to the low), not really relevant here
+; of: overflow flag (set if both operands are positive and the 
+;     result is negative or if both operands are negative and 
+;     the result is positive), not relevant here
+; pf: parity flag, not relevant here
+;
+
+	BITS 64
+	SECTION .text
+	global main
+
+main:
+	;mov	rax,8		; initialize the rax register
+	sub	rax,5		; rax = rax - 5, modify status flags accordigly
+	cmp	rax,4		; tmp = rax - 4, modify status flags accordigly
+	;jbe	label		; example jump
+	;ret			; return if rax is not between 5-9
+;label:
+	;nop			; only reached if rax is between 5-9

0x06.asm

@@ -0,0 +1,33 @@
+;
+; $Id: 0x06.asm,v 1.1.1.1 2016/03/27 08:40:12 raptor Exp $
+;
+; 0x06 explanation - from xchg rax,rax by xorpd@xorpd.net
+; Copyright (c) 2016 Marco Ivaldi <raptor@0xdeadbeef.info>
+;
+; This snippet sets rax with its initial value, by doing
+; the following operations:
+;
+; 1. bitwise not of rax (one's complement negation)
+; 2. rax = rax + 1
+; 3. bitwise not of rax + 1 (two's complement negation)
+;
+; It is structurally equivalent to this (inverted) snippet:
+;
+; neg	rax
+; dec	rax
+; not	rax
+;
+; This analysis was facilitated by the assembly REPL rappel 
+; by yrp604@yahoo.com:
+;
+; https://github.com/yrp604/rappel/
+;
+
+	BITS 64
+	SECTION .text
+	global main
+
+main:
+	not	rax		; one's complement negation (bitwise not)
+	inc	rax		; rax = rax + 1
+	neg	rax		; two's complement negation (bitwise not + 1)

0x07.asm

@@ -0,0 +1,45 @@
+;
+; $Id: 0x07.asm,v 1.1.1.1 2016/03/27 08:40:12 raptor Exp $
+;
+; 0x07 explanation - from xchg rax,rax by xorpd@xorpd.net
+; Copyright (c) 2016 Marco Ivaldi <raptor@0xdeadbeef.info>
+;
+; This snippet sets rax with its initial value, in a way
+; similar to the previous snippet 0x06. The following C
+; code performs the same calculations:
+;
+; #include <stdio.h>
+; main()
+; {
+; 	int rax = 5;
+; 	printf("in:  %d\n", rax);
+; 	rax = ~((~(rax + 1) + 1) + 1) + 1;
+; 	printf("out: %d\n", rax);
+; }
+;
+; I guess the main takeway here (as in the previous snippet) 
+; is that "not rax" can be rewritten as:
+;
+; inc	rax
+; neg	rax
+;
+; Similarly, "neg rax" can be rewritten as:
+;
+; not	rax
+; inc	rax
+;
+; This analysis was facilitated by the assembly REPL rappel 
+; by yrp604@yahoo.com:
+;
+; https://github.com/yrp604/rappel/
+;
+
+	BITS 64
+	SECTION .text
+	global main
+
+main:
+	inc	rax		; rax = rax + 1
+	neg	rax		; rax = ~rax + 1
+	inc	rax		; rax = rax + 1
+	neg	rax		; rax = ~rax + 1

0x08_TODO.asm

@@ -0,0 +1,53 @@
+;
+; $Id: 0x08_TODO.asm,v 1.1.1.1 2016/03/27 08:40:12 raptor Exp $
+;
+; 0x08 explanation - from xchg rax,rax by xorpd@xorpd.net
+; Copyright (c) 2016 Marco Ivaldi <raptor@0xdeadbeef.info>
+;
+; TODO: THIS EXPLANATION IS INCOMPLETE
+;
+; For positive values of rax and rdx, this snippet performs
+; an Euclidean (integer) division by two of the sum of the
+; rax and rdx registers. In C:
+;
+; rax = rax + rdx;
+; rax = (int)rax / 2;
+;
+; This also works when both rax and rdx have a negative
+; value, because of the clever use of the rcr instruction
+; (right rotate with carry) that uses the carry flag (cf): 
+; it shifts cf into the most-significant bit and shifts 
+; the least-significant bit into cf. When one of the input 
+; values is positive and the other is negative and their 
+; sum is also negative, however, we get another result:
+;
+; $ ./rappel
+; > mov rax,1
+; > mov rdx,-2
+; rax: 0x0000000000000001 rbx: 0x0000000000000000 
+; rcx: 0x0000000000000000 rdx: 0xfffffffffffffffe
+; > add rax,rdx
+; rax: 0xffffffffffffffff rbx: 0x0000000000000000
+; rcx: 0x0000000000000000 rdx: 0xfffffffffffffffe
+; flags: 0x0000000000000286 [cf:0, zf:0, of:0, sf:1, pf:0, af:0]
+; > rcr rax,1
+; rax: 0x7fffffffffffffff rbx: 0x0000000000000000
+; rcx: 0x0000000000000000 rdx: 0xfffffffffffffffe
+; flags: 0x0000000000000a87 [cf:1, zf:0, of:0, sf:1, pf:0, af:0]
+;
+; For this reason, I suspect this explanation might be 
+; incomplete.
+;
+; This analysis was facilitated by the assembly REPL rappel 
+; by yrp604@yahoo.com:
+;
+; https://github.com/yrp604/rappel/
+;
+
+	BITS 64
+	SECTION .text
+	global main
+
+main:
+	add	rax,rdx		; rax = rax + rdx
+	rcr	rax,1		; right rotate with carry