x86-64 Assembly
In this page we'll dive into the basics of x86-64 assembly language.
Basic Structure
Just like sentences in human language follow a grammatical structure with subjects, objects, and predicates, assembly language also has its own structured format. When we read a sentence, we identify the meaning of each word based on grammar, allowing us to understand the sentence as a whole. The same principle applies to x86-64 Assembly language, but with a much simpler structure.
In x86-64 Assembly, each instruction follows a basic format:
Instruction (Opcode) → The action to be performed (similar to a verb in human language).
Operand(s) → The data or registers affected by the instruction (similar to the object in a sentence).
Example:
mov→ Instruction (verb) (tells the CPU to move data)rax, 10→ Operands (object) (specifies what is being moved and where)
This simple structure makes Assembly efficient and direct, allowing the CPU to execute instructions as fast as possible.
Opcode
Intel's x64 has a very large number of instructions. We'll go over 21 key instructions, categorized as follows:
Instruction code
Data Transfer
mov, lea
Arithmetic
inc, dec, add, sub
Logical
and, or, xor, not
Comparison
cmp, test
Branch
jmp, je, jg
Stack
push, pop
Procedure
call, ret, leave
System call
syscall
Operands
Operands can be of three types:
Immediate value
Register
Memory
Memory operands are denoted by square brackets [], with a size directive TYPE PTR before them. The types include BYTE, WORD, DWORD, QWORD, corresponding to 1-byte, 2-byte, 4-byte, and 8-byte sizes, respectively.
Examples of memory operands
Memory Operands
Meaning
QWORD PTR [0x8048000]
Referencing 8 bytes of data at 0x8048000
DWORD PTR [0x8048000]
Referencing 4 bytes of data at 0x8048000
WORD PTR [rax]
Referencing 2 bytes of two bytes of data at the address pointed to by RAX
I will leave the Assembly cheat sheet below in a page to avoid clutter on this one
Last updated