
What is,

        MOV AX, 4512H
        MOV BX, 23AFH
        JMP NEXT
        ADD BH,AH
NEXT:   NOP

in hexadecimal and how would I get there?

  • A decent link [A Shellcode: The Payload](https://www.tenouk.com/Bufferoverflowc/Bufferoverflow5.html) (short answer, you compile, link and then disassemble the executable and pick out the op-codes and arrange them in a character array) – David C. Rankin Mar 24 '20 at 06:35
  • The machine code for those instructions depends on whether they need to execute in 16-bit mode, or in 32/64-bit mode. The latter will need `66` operand-size prefixes on the 16-bit instructions. Use an assembler, e.g. `nasm -l listing.txt foo.asm` – Peter Cordes Mar 24 '20 at 07:20

1 Answer

Your six lines look like source code in assembly language. If you write the text to a text file named, for instance, "turtle.asm", it can be converted to hexadecimal code by a program called an "assembler".

R:\>type turtle.asm
        MOV AX, 4512H
        MOV BX, 23AFH
        JMP NEXT
        ADD BH,AH
NEXT:   NOP

R:\>euroasm turtle.asm
I0010 EuroAssembler version 20191104 started.
I0020 Current directory is "R:\".
I0180 Assembling source file "turtle.asm".
I0270 Assembling source "turtle".
I0310 Assembling source pass 1.
I0310 Assembling source pass 2.
I0330 Assembling source pass 3 - final.
I0760 16bit TINY BIN file "turtle.bin" created from source, size=11.
I0750 Source "turtle" (5 lines) assembled in 3 passes with errorlevel 0.
I0860 Listing file "turtle.asm.lst" created, size=705.
I0980 Memory allocation 320 KB. 21 statements assembled in 1 s.
I0990 EuroAssembler terminated with errorlevel 0.

This command converted your source "turtle.asm" to eleven bytes of binary code in the file "turtle.bin". You can see their hexadecimal values in the listing file "turtle.asm.lst":

R:\>type turtle.asm.lst
|                           turtle: PROGRAM
|[BIN]                     ::::Section changed.
|0000:B81245               |        MOV AX, 4512H
|0003:BBAF23               |        MOV BX, 23AFH
|0006:EB02                 |        JMP NEXT
|0008:00E7                 |        ADD BH,AH
|000A:90                   |NEXT:   NOP
|                           ENDPROGRAM turtle:
|        **** ListMap "turtle.bin",groups=1,segments=1,entry=,stack=[BIN]:0000FFFEh
|        [BIN],VA=00000000h,size=0000000Bh=11,group [BIN]
|          [BIN],VA=00000000h,size=0000000Bh=11,width=16,align=0010h,purpose=CODE+DATA+BSS+STACK
|        **** ListGlobals "turtle.bin",Global=0,Public=0,Extern=0,eXport=0,Import=0

If you change the filename extension from ".bin" to ".com", DOS, DosBox or 32-bit Windows will try to execute your instructions. In this case your program fails because you didn't terminate it properly. Change the last line from NEXT: NOP to NEXT: RET and it will run gracefully (although it doesn't do anything useful), as you would be able to see in Borland TurboDebugger:

R:\td turtle.com
vitsoft
  • This seems to have helped a little bit, as I wasn't able to run the code myself without running into errors. But it seems a little hard for me to find the hexadecimal section; could you lay it out in a line? e.g. A7 78 B8 D4 – crazyturtle1234 Mar 24 '20 at 22:09
  • @crazyturtle1234 You do have documentation on the instruction set, yes; everything you need and way more has been shown in this answer. Are you not able to look up the opcode for a mov or a jmp and see how that maps to what is shown here? – old_timer Mar 24 '20 at 22:32
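As an added example (not from the question or from vitsoft's answer), here is a small Python two-pass assembler covering only the instruction forms used in this question plus the RET variant the answer suggests; it reproduces the eleven listing bytes B8 12 45 BB AF 23 EB 02 00 E7 90 and shows where each byte comes from (opcode + register number, little-endian immediate, ModRM byte, rel8 displacement). It emits 16-bit mode encodings only; as noted in the comments above, the 16-bit MOVs would need a 66h operand-size prefix in 32/64-bit code.

```python
# Added example, not from the question or vitsoft's answer: a two-pass assembler for
# only the 16-bit x86 forms used on this page, reproducing the listing's 11 bytes.
# 16-bit mode only: in 32/64-bit code the MOV r16,imm16 forms also need a 66h prefix.
REG16 = {"AX": 0, "CX": 1, "DX": 2, "BX": 3, "SP": 4, "BP": 5, "SI": 6, "DI": 7}
REG8 = {"AL": 0, "CL": 1, "DL": 2, "BL": 3, "AH": 4, "CH": 5, "DH": 6, "BH": 7}
SOURCE = """        MOV AX, 4512H
        MOV BX, 23AFH
        JMP NEXT
        ADD BH,AH
NEXT:   NOP
"""
def parse_imm16(tok):
    """'4512H' is hex (MASM/EuroAssembler style), otherwise decimal; 16-bit only."""
    val = int(tok[:-1], 16) if tok.endswith("H") else int(tok, 10)
    if not 0 <= val <= 0xFFFF:
        raise ValueError(f"immediate out of 16-bit range: {tok}")
    return val
def encode(mnemonic, ops, labels, addr, final):
    if mnemonic == "NOP":
        return b"\x90"
    if mnemonic == "RET":                                  # C3, near return
        return b"\xC3"
    if mnemonic == "MOV" and ops[0] in REG16:              # B8+r iw, imm little-endian
        return bytes([0xB8 + REG16[ops[0]]]) + parse_imm16(ops[1]).to_bytes(2, "little")
    if mnemonic == "ADD" and ops[0] in REG8 and ops[1] in REG8:  # 00 /r
        modrm = 0xC0 | (REG8[ops[1]] << 3) | REG8[ops[0]]  # mod=11, reg=src, rm=dst
        return bytes([0x00, modrm])
    if mnemonic == "JMP":                                  # EB rel8, short jump
        if final and ops[0] not in labels:
            raise ValueError(f"undefined label: {ops[0]}")
        rel = labels.get(ops[0], addr + 2) - (addr + 2)    # relative to next instruction
        if not -128 <= rel <= 127:
            raise ValueError("short jump target out of rel8 range")
        return bytes([0xEB, rel & 0xFF])
    raise ValueError(f"unsupported instruction: {mnemonic} {ops}")
def assemble(source):
    """Pass 1 records label offsets; pass 2 emits bytes with jumps resolved."""
    labels = {}
    for final in (False, True):
        addr, code = 0, b""
        for line in source.splitlines():
            line = line.split(";")[0].strip()              # drop comments / blanks
            if ":" in line:                                # 'NEXT:   NOP'
                label, line = (s.strip() for s in line.split(":", 1))
                labels[label] = addr
            parts = line.upper().replace(",", " ").split()
            if parts:
                chunk = encode(parts[0], parts[1:], labels, addr, final)
                code, addr = code + chunk, addr + len(chunk)
    return code
```

`" ".join(f"{b:02X}" for b in assemble(SOURCE))` prints the same bytes the EuroAssembler listing shows; note the jump displacement is counted from the end of the 2-byte JMP, so the jump at offset 0006 to NEXT at 000A encodes as EB 02.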