assembly - ASM_SystemCalls - Part I

KSATs: K0152, K0241, K0242, K0243, K0814, K0816, K0818, K0820, K0821, S0120, S0122, S0124, S0132

Measurement: Written, Performance

Lecture Time:

Demo/Performance Time:

Instructional Methods: Informal Lecture & Demonstration/Performance

Multiple Instructor Requirements: 1:8 for Labs

Classification: UNCLASSIFIED

Lesson Objectives:

  • LO 1 Understand the purpose of system calls and interrupts (Proficiency Level: B)
    • MSB 1.1 Implement system calls and interrupts (Proficiency Level: 2)
  • LO 2 Understand and access different processor modes in Assembly (Proficiency Level: B)
    • MSB 2.1 Write Assembly code for different processor modes (Proficiency Level: 2)
  • LO 3 Access files in Assembly (Proficiency Level: B)
    • MSB 3.1 Implement file handling in Assembly (Proficiency Level: 2)
  • LO 4 Explain Assembly debugging using WinDBG (Proficiency Level: B)

Performance Objectives (Proficiency Level: 3c)

  • Conditions: Given access to (references, tools, etc.):
    • Access to specified remote virtual environment
    • Student Guide and Lab Guide
    • Student Notes
  • Performance/Behavior Tasks:
  • Standard(s):
    • Criteria: Demonstration: Correctable to 100% in class
    • Evaluation: Students will have 4 hours to complete the timed evaluation, consisting of both cognitive and performance components.
    • Minimum passing score is 80%

References

  1. Nebbett, G. (2000). Windows NT/2000 Native API Reference. Sams Publishing.
  2. http://faculty.nps.edu/cseagle/assembly/sys_call.html
  3. http://www.c-jump.com/CIS77/ASM/Memory/lecture.html
  4. https://asmtutor.com/#lesson1
  5. https://asmtutor.com/#lesson22
  6. https://blog.packagecloud.io/eng/2016/04/05/the-definitive-guide-to-linux-system-calls/
  7. https://en.wikibooks.org/wiki/X86_Assembly/Interfacing_with_Linux
  8. https://en.wikibooks.org/wiki/X86_Assembly/Interfacing_with_Linux#Via_interrupt
  9. https://j00ru.vexillium.org/syscalls/nt/64/
  10. https://resources.infosecinstitute.com/calling-ntdll-functions-directly/#gref
  11. https://riptutorial.com/x86/example/12672/real-mode
  12. https://software.intel.com/content/www/us/en/develop/articles/intel-sdm.html
  13. https://stackoverflow.com/questions/29440225/in-linux-x86-64-are-syscalls-and-int-0x80-related
  14. https://wiki.osdev.org/Protected_Mode
  15. https://wiki.osdev.org/Real_Mode
  16. https://wiki.osdev.org/Security#Rings
  17. https://wiki.osdev.org/System_Management_Mode
  18. https://wiki.osdev.org/Virtual_8086_Mode
  19. https://www.codeproject.com/Articles/45788/The-Real-Protected-Long-mode-assembly-tutorial-for
  20. https://www.cs.uaf.edu/2016/fall/cs301/lecture/11_04_syscall.html
  21. https://www.researchgate.net/publication/241643659_Using_CPU_System_Management_Mode_to_Circumvent_Operating_System_Security_Functions
  22. https://www.tutorialspoint.com/assembly_programming/assembly_basic_syntax.htm
  23. https://www.tutorialspoint.com/assembly_programming/assembly_file_management.htm
  24. https://www.tutorialspoint.com/assembly_programming/assembly_system_calls.htm