day1 week1
This commit is contained in:
31
week1/day1/README.md
Normal file
31
week1/day1/README.md
Normal file
@@ -0,0 +1,31 @@
|
||||
# Day 1: Variables, Memory, and the Stack
|
||||
|
||||
## 📝 Concepts Covered
|
||||
Today we explored how high-level C variables are translated into low-level machine instructions and memory operations.
|
||||
|
||||
### 1. The Stack and RBP
|
||||
Local variables in C are stored on the **Stack**. The CPU uses the `RBP` (Base Pointer) register as a reference point to find these variables.
|
||||
- `int a = 123;` -> `mov DWORD PTR [rbp-4], 0x7b`
|
||||
|
||||
### 2. Register Basics (x64)
|
||||
Registers are small, fast storage locations inside the CPU.
|
||||
- `RAX`, `RBX`, `RCX`, `RDX`: General purpose 64-bit registers.
|
||||
- `EAX`, `EBX`, `ECX`, `EDX`: The lower 32-bit halves of the above (used for `int` in C).
|
||||
|
||||
### 3. Data Sizes
|
||||
The assembly instruction specifies how much data to move:
|
||||
- `BYTE PTR`: 1 byte (`char`)
|
||||
- `WORD PTR`: 2 bytes (`short`)
|
||||
- `DWORD PTR`: 4 bytes (`int`)
|
||||
- `QWORD PTR`: 8 bytes (`long` or pointers)
|
||||
|
||||
### 4. Arithmetic Pattern
|
||||
CPUs perform arithmetic using a **Load-Modify-Store** cycle:
|
||||
1. **Load** memory value into a register.
|
||||
2. **Add/Sub** the register value.
|
||||
3. **Store** the register result back into memory.
|
||||
|
||||
## 🛠 Exercises Completed
|
||||
- `exo_1.c`: Basic assignment and hex identification.
|
||||
- `exo_2.c`: Arithmetic deconstruction (The `add` instruction).
|
||||
- `exo_3.c`: Data type sizes and memory offsets.
|
||||
31
week1/day1/anki_cards.md
Normal file
31
week1/day1/anki_cards.md
Normal file
@@ -0,0 +1,31 @@
|
||||
# Day 1: C & Reverse Engineering Anki Cards
|
||||
|
||||
## Card 1
|
||||
**Front:** In x64 Assembly, what does `DWORD PTR` indicate about the size of the data?
|
||||
**Back:** It indicates a 32-bit (4-byte) value, typically used for an `int` in C.
|
||||
|
||||
## Card 2
|
||||
**Front:** Translate the C code `int x = 10;` into a conceptual x64 assembly instruction.
|
||||
**Back:** `mov DWORD PTR [rbp-offset], 0xa`
|
||||
|
||||
## Card 3
|
||||
**Front:** Why can't a CPU usually add two memory locations directly (e.g., `add [mem1], [mem2]`)?
|
||||
**Back:** Architecture constraints. It must follow the **Load-Modify-Store** pattern: move values into registers, perform the addition, and store the result back.
|
||||
|
||||
## Card 4
|
||||
**Front:** What is the relationship between `RAX` and `EAX`?
|
||||
**Back:** `EAX` is the lower 32-bit half of the 64-bit `RAX` register.
|
||||
|
||||
## Card 5
|
||||
**Front:** Match the C type to its Assembly size prefix:
|
||||
1. `char`
|
||||
2. `short`
|
||||
3. `int`
|
||||
**Back:**
|
||||
1. `BYTE PTR` (1 byte)
|
||||
2. `WORD PTR` (2 bytes)
|
||||
3. `DWORD PTR` (4 bytes)
|
||||
|
||||
## Card 6
|
||||
**Front:** What does the `RBP` register represent in the context of local variables?
|
||||
**Back:** The **Base Pointer**. It serves as a fixed reference point on the stack from which local variables are accessed via offsets (e.g., `[rbp-4]`).
|
||||
BIN
week1/day1/exo_1
Executable file
BIN
week1/day1/exo_1
Executable file
Binary file not shown.
7
week1/day1/exo_1.c
Normal file
7
week1/day1/exo_1.c
Normal file
@@ -0,0 +1,7 @@
|
||||
#include <stdio.h>
|
||||
|
||||
int main(){
|
||||
int a = 123;
|
||||
int b = 456;
|
||||
return 0;
|
||||
}
|
||||
BIN
week1/day1/exo_2
Executable file
BIN
week1/day1/exo_2
Executable file
Binary file not shown.
7
week1/day1/exo_2.c
Normal file
7
week1/day1/exo_2.c
Normal file
@@ -0,0 +1,7 @@
|
||||
|
||||
int main(){
|
||||
int a = 10;
|
||||
int b = 20;
|
||||
int sum = a + b;
|
||||
return 0;
|
||||
}
|
||||
BIN
week1/day1/exo_3
Executable file
BIN
week1/day1/exo_3
Executable file
Binary file not shown.
6
week1/day1/exo_3.c
Normal file
6
week1/day1/exo_3.c
Normal file
@@ -0,0 +1,6 @@
|
||||
int main(){
|
||||
char a = 1;
|
||||
short b = 22;
|
||||
int c = 123;
|
||||
return 0;
|
||||
}
|
||||
Reference in New Issue
Block a user