Don't like this style? Click here to change it! blue.css

Welcome .... Click here to logout

x86 Exploitation as a goal

So we're going to do a ton of low-level hackery. At first it will feel far removed from your daily coding life.

But my goal is to give you a shot at understanding how malware really works. As you learn about CPUs you realize that every program is eventually reduced to machine language, so learning it, and how it gets exploited, and how to prevent that is essential to understanding cyber. If you look at it as learning to PWN some weak C code it will seem myopic. As your eyes become clear you realize that this course shows you to see the cracks beneath every program ever executed.

My goal is to teach you how your computer really works, how to exploit the simple mechanics of those computers, and how to jump into the fight to prevent the nuclear wars of our age.

Mastery Task A:

Learn just enough C to compile an executable that does some basic stuff:
  1. for loops
  2. if statements
  3. arithmetic
  4. variable assignments
  5. declare a function
  6. call your function
  7. declare an array of some type
  8. structs
  9. malloc to ask for memory
  10. pointers and dereferencing for access
  11. basic string (char array) manipulation
  12. do some file input/output
  13. use some formated printf statements

These might take us 1-3 classes depending on the vibe you give me as students.

Overview: Learn how to create and run programs in C and C++. You will compile from source programs. As a bonus I'll show you how to use git (and github) to save versions of your code.

C is the most common language in the world. It sticks around as the language that your operating system is written in and the language for writing other languages. Your cell phone and watch run C programs as does your alarm clock and car. It's everywhere. Why? Check out this poem.

The C Paradox:

I don't think C gets enough credit. Sure, C doesn't love you. C isn't about love--C is about thrills. C hangs around in the bad part of town. C knows all the gang signs. C has a motorcycle, and wears the leathers everywhere, and never wears a helmet, because that would mess up C's punked-out hair. C likes to give cops the finger and grin and speed away. Mention that you'd like something, and C will pretend to ignore you; the next day, C will bring you one, no questions asked, and toss it to you with a you-know-you-want-me smirk that makes your heart race. Where did C get it? "It fell off a truck," C says, putting away the boltcutters. You start to feel like C doesn't know the meaning of "private" or "protected": what C wants, C takes. This excites you. C knows how to get you anything but safety. C will give you anything but commitment.

In the end, you'll leave C, not because you want something better, but because you can't handle the intensity. C says "I'm gonna live fast, die young, and leave a good-looking corpse," but you know that C can never die, not so long as C is still the fastest thing on the road.

Let's Get Cranking / Don't be afraid

I don't think that listening to me blather on about technical nuances of C standards will really improve your lives. You've got to code, code early, code often, code poorly to code well. Get interactive with this material. When you have doubts, just make a version and test it. No actual human harm will happen when you code.

I Promise

Compile early and often

Run a basic C program:

Save your program. Create an account, title the program, save the program. Observe the URL. Click share.

Generally this is a fine way to get a program to a partner or me when you need to share your work.

Command Line: gcc, g++

GitHub as code starter: Get to a terminal and execute the line: git clone then cd hello

Compile hello.c: Open a terminal (either as a new tab or in the "bash" window). Change to the directory with hello.c and hello.cpp (the command is cd directory_name). Now compile the C program using gcc hello.c. That creates an executable file named a.out. Run that program using ./a.out.

Compile hello.cpp The C++ hello world can be compiled using g++ hello.cpp then executing ./a.out.

Compile hello.c with C++: since C++ is a super-set of C we can compile C with C++ and be happy. Execute g++ hello.c then ./a.out

Name your executable: Just for fun let's add a compiler flag into this: g++ hello.cpp -o edgar Now you have a file named edgar which you can execute using ./edgar. Now if we even wanted to save a couple of characters try this: export PATH=$PATH:$PWD then type edgar. (Edgar I was an early king of England.)

Behold x86: Now find the edgar executable. Run objdump -M intel -D a.out or on OSX objdump -x86-asm-syntax=intel -D a.out I intend to show you how to read this over time.

Continue that journey at

GitHub as code protection.

OK, so you want to make edits and not lose your code. Here's what you do.

Make an edit: I'm a big fan of VIM because it is on every machine ever and you can code at about 300% your normal speed. So do vi hello.cpp then carefully type the following 3jfisello<esc>ZZ (to learn more about VIM please go play

Save your edit: Now execute the command git commit -am "changed the code"

Now I want to have you create a GitHub repo where you can save your code.

GitHub Repo making: Head to github and create a new repository. It will give you a URL that you should copy.

Back in cslabs: Now execute the command: git remote add gh URL_PASTED_HERE with your URL in the magic spot there.

Push your changes to the internet: Now do git push gh master and give it your GitHub username and password when prompted.

Check it out: Now refresh the GitHub repo page and see your code.

Overview: You can't learn any language without knowing the basics.

Basic C coding

We will dive into the harder parts of C later but for now I want you to be comfortable with for, if, displaying output, writing functions, calling functions, and dealing with strings.

Whenever I pick up a new coding language I do the following.

Project Euler Optional Training: Go to and solve the first 10 problems using C++. Then refactor your answers to be raw C. This will take a bit but afterwards you'll feel like you understand everything. If you want some more basic training first then keep reading this page, otherwise move on.

Hello world

For the basics here is a simple "hello world" function with lots of comments to explain what each line does:

Adapt: Run that hello world and add one more printed line.

Display a variable value: Now use the line int a = 12; printf("a == %d", a); to print the value of an integer variable.

C "strings" or character arrays

This snippet shows a basic character array C string.

Try it: Execute that code and see the output.

Length research: Adapt that script to use strlen to display the length of the "string" stored in text. I had to resolve two minor issues to get this to work perfectly. Use the internet to help yourself.

C++ strings

Here is a Hello world written in C++.

What are the differences?

Now here is the "string" class in C++.

Run it: Now adapt the string.

Extrapolate: Now use .length() to display the length of the string in the variable text. (Feel free to google a bit.)

The Docs

Take a look at this specification of the string class. Use a method you find to write a function that displays the first 7 characters of text.

String comparison is interesting and it returns 0 on equality, so be careful.

Adapt: Run the above snippet then change the text2 to be different and re-run.

Also notice how the if statement works.


You will often find yourself needing to execute code loops. That is a set of code which runs many many times and each time there is one small change per execution.

Here is another valid loop that does the same thing.

Here is another version of the same loop.

Devise your own: If you use the word break and an if statement can you make your own loop which does the same thing but has an opening for(;;)?

Write a string compare for C: Using the original C character array example can you compare two C strings?

Writing Functions

Here is a snippet that uses a custom function to compare two integers.

Note that it matches the way main is declared. There is a return type a function name and a list of input arguments.

This function is called inside the for loop.

Write a function: Call it square have it consume one integer and return the integer squared.

We will deal with passing arguments to functions in the next part.

Overview: I also want you to know how to help yourself by browsing the documentation.

Here is a complete list of every base C keyword/command:

These make up the base language of C. Some of them I have never used. So when it comes to picking up comfort with a new language what do you do? Well I like to consult the documentation when I need to understand something new. Let's do that now.

Use a new word: Pick a word from this list that you've never used before. Look up the usage, inputs, and outputs of that command/keyword at a C reference site like or the gnu-c-manual. Build a program that uses it (if you need a goal for the program then calculate the sum of the first 10 fibonacci numbers or something).

Now this sort of exercise accomplished several things. One, you learn to use complete documentation which has a benefit over tutorials and snippets. This makes you feel secure that you see a wider range of possibilities (you're not missing something). Two, you learn to teach yourself in a just-in-time manner from the right sources. Most coders spend daily time on stackoverflow and search engines. Three, if you get a rough sense of what is possible then you can come back to that possibility in your thinking. When it's time to structure a program you get a feel for what the language can do easily and what requires a library.

Library References

The next stage is to learn what is possible in the standard libraries. For instance, printf is NOT on my list of basic C words. It is in the stdio.h library.

So I won't list every function in every standard library but here are some ways for you to find a similar comprehensive list:

To see the standard libraries gives you a notion of the other tricks available.

Randomize: Write me a function that rolls a die by displaying to the screen a random number from 1 to 6. Use the links above to find the right libraries to include and research around to understand the nature of srand.

Goals as motivation

It is essential to success in any endeavor to have goals and timelines on those goals. It is no different with teaching yourself a coding language. Setting a goal is easy and to pursue it seriously often shows you if it was the right goal to set.

In this case pick small tasks and try to do them in a fixed amount of time.

Learn by task: Your goal is to write a program which can read a file named "input.txt". The file will contain numbers separated by dashes and spaces. The numbers translate 1 to A and 26 to Z. Then those letters have been encrypted by ROT13. Spaces are breaks in words and dashes are separators for letters in the same word. Your job is to read in the file and then create a new file in which you write the final plaintext message. Create a cloud9 workspace, share it with a partner from Slack. Split the overall goal into micro tasks that you can each work on independently (e.g. FileIO, word separation, from number to plaintext). Give yourself one afternoon to get it done.

As an example here is the message "this is encoded with a caesar cipher" as input.txt:

If you want a message that you don't know use: