CHAPTER 2x86 Assembly: Data, Modes, Registers, and Memory Access
Most software reverse engineering requires disassembling a compiled executable and analyzing the result. This disassembly results in assembly code, not a higher-level language.
While a few assembly languages exist, x86 is one of the most widely used. This chapter introduces some of the key concepts of x86 assembly, providing a foundation for later chapters.
Introduction to x86
Thousands of computer architectures exist. While they all work similarly, a computer is a computer—but there are minor or major differences between each.
To study reverse engineering, we need to select an architecture to focus on. In this book, we'll be using x86, which was selected for a few different reasons:
- Ubiquity: x86 is the most widely used assembly language, making it widely applicable for reverse engineering.
- Computer support: x86 applications can be built, run, and reverse engineered on any desktop, laptop, or server.
- Market share: x86 is the core of the major operating systems (Windows, Linux, and macOS), so it is used in billions of systems.
The x86 architecture has been around for decades and has evolved significantly over the years. It was first introduced in 1974 by Intel, and some of the main milestones in the history of x86 include the following:
- Intel 8080: 8-bit microprocessor, introduced in 1974
- Intel 8086: 16-bit microprocessor, introduced in 1978
- Intel 80386: 32-bit microprocessor, introduced in 1985
- Intel Prescott, ...
Get x86 Software Reverse-Engineering, Cracking, and Counter-Measures now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.